? logon 



*** It is now 2009/07/16 12:13:47 *** 
(Dialog time 2009/07/16 11:13:47) 

705TEXT1 is set ON as an alias for 15, 16, 160, 148, 621, 275, 634, 47 
705TEXT2 is set ON as an alias for 9, 623, 810, 624, 813, 20, 636 
705BIBLIT is set ON as an alias for 77, 35, 583, 2, 65, 233, 99 
705NEWSBIB is set ON as an alias for 473, 474, 475 
SOFTLIT is set ON as an alias for 256, 278 

705ADLIT is set ON as an alias for 635, 570, PAPERSMJ, PAPERSEU 
HILIGHT set on as ' ' 
DETAIL set off 
KWIC is set to 50. 

?b 

610,613,634,810,813,20,583,474,475,35,65,99,256,9,15,16,148,160,275,621,636,624,2,4 
76, 635, 570, PAPERSMJ, PAPERSEU, 47,347,348,349 

>>> 476 does not exist 

>>>1 of the specified files is not available 

16jul09 10:14:13 User264751 Session D621.1 
$0.00 0.247 DialUnits File415 
$0.00 Estimated cost File415 
$0.11 INTERNET 

$0.11 Estimated cost this search 

$0.11 Estimated total session cost 0.247 DialUnits 

SYSTEM:OS - DIALOG OneSearch 

File 610:Business Wire 1999-2009/Jul 16 
(c) 2009 Business Wire. 
*File 610: File 610 now contains data from 3/99 forward. 
Archive data (1986-2/99) is available in File 810. 
File 613:PR Newswire 1999-2009/Jul 16 

(c) 2009 PR Newswire Association Inc 
*File 613: File 613 now contains data from 5/99 forward. 
Archive data (1987-4/99) is available in File 813. 
File 634:San Jose Mercury Jun 1985-2009/Jul 14 

(c) 2009 San Jose Mercury News 
File 810:Business Wire 1986-1999/Feb 28 

(c) 1999 Business Wire 
File 813 :PR Newswire 1987-1999/Apr 30 

(c) 1999 PR Newswire Association Inc 
File 20:Dialog Global Reporter 1997-2009/Jul 15 

(c) 2009 Dialog 
File 583:Gale Group Globalbase (TM) 1986-2002/Dec 13 
(c) 2002 Gale/Cengage 
*File 583: This file is no longer updating as of 12-13-2002. 
File 474:New York Times Abs 1969-2009/Jul 16 

(c) 2009 The New York Times 
File 475:Wall Street Journal Abs 1973-2009/Jul 16 

(c) 2009 The New York Times 
File 35:Dissertation Abs Online 1861-2009/Jun 

(c) 2009 ProQuest Inf o&Learning 
File 65:Inside Conferences 1993-2009/Jul 14 

(c) 2009 BLDSC all rts. reserv. 
File 99:Wilson Appl . Sci & Tech Abs 1983-2009/Jun 



(c) 2009 The HW Wilson Co. 
File 256 :TecTrends 1982-2009/Jul W2 

(c) 2009 Info. Sources Inc. All rights res. 
File 9:Business & Industry(R) Jul/1994-2009/Jul 15 

(c) 2009 Gale/Cengage 
File 15:ABI/Inform(R) 1971-2009/Jul 15 

(c) 2009 ProQuest Inf o&Learning 
File 16:Gale Group PROMT (R) 1990-2009/Jun 23 

(c) 2009 Gale/Cengage 
*File 16: UD/banner does not reflect last processed date 
File 148:Gale Group Trade & Industry DB 1976-2009/Jun 30 

(c) 2009 Gale/Cengage 
*File 148: The CURRENT feature is not working in File 148. 
See HELP NEWS148. 

File 160:Gale Group PROMT (R) 1972-1989 

(c) 1999 The Gale Group 
File 275:Gale Group Computer DB(TM) 1983-2009/Jun 17 

(c) 2009 Gale/Cengage 
File 621:Gale Group New Prod . Annou . (R) 1985-2009/Jun 09 

(c) 2009 Gale/Cengage 
File 636:Gale Group Newsletter DB(TM) 1987-2009/Jun 23 

(c) 2009 Gale/Cengage 
File 624:McGraw-Hill Publications 1985-2009/Jul 16 

(c) 2009 McGraw-Hill Co. Inc 
File 2:INSPEC 1898-2009/Jul Wl 

(c) 2009 The IET 
File 635:Business Dateline(R) 1985-2009/Jul 15 

(c) 2009 ProQuest Inf o&Learning 
File 570:Gale Group MARS (R) 1984-2009/Jun 23 

(c) 2009 Gale/Cengage 
File 387:The Denver Post 1994-2009/Jul 15 

(c) 2009 Denver Post 
File 471:New York Times Fulltext 1980-2009/Jul 15 

(c) 2009 The New York Times 
File 492:Arizona Repub/Phoenix Gaz 19862002/Jan 06 

(c) 2002 Phoenix Newspapers 
*File 492: File 492 is closed (no longer updating). Use 
Newsroom, Files 989 and 990, for current records. 
File 494:St LouisPost-Dispatch 1988-2009/Jun 19 

(c) 2009 St Louis Post-Dispatch 
File 631:Boston Globe 1980-2009/Jul 16 

(c) 2009 Boston Globe 
File 633:Phil. Inquirer 1983-2009/Jul 16 

(c) 2009 Philadelphia Newspapers Inc 
File 638 :Newsday/New York Newsday 1987-2009/Jul 16 

(c) 2009 Newsday Inc. 
File 640:San Francisco Chronicle 1988-2009/Jul 12 

(c) 2009 Chronicle Publ . Co. 
File 641:Rocky Mountain News Jun 1989-2009/Jan 16 

(c) 2009 Scripps Howard News 
*File 641: This file has ceased updating 
File 702:Miami Herald 1983-2009/Jul 16 

(c) 2009 The Miami Herald Publishing Co. 
File 703:USA Today 1989-2009/Jul 15 

(c) 2009 USA Today 
File 704: (Portland) The Oregonian 1989-2009/Jul 15 

(c) 2009 The Oregonian 



File 713:Atlanta J/Const. 1989-2009/Mar 08 

(c) 2009 Atlanta Newspapers 
File 714 : (Baltimore) The Sun 1990-2009/Jul 12 

(c) 2009 Baltimore Sun 
File 715:Christian Sci.Mon. 1989-2009/Jul 14 

(c) 2009 Christian Science Monitor 
File 725: (Cleveland) Plain Dealer Aug 1991-2009/Jul 15 

(c) 2009 The Plain Dealer 
File 735:St. Petersburg Times 1989- 2009/May 22 

(c) 2009 St. Petersburg Times 
File 477:Irish Times 1999-2009/Jul 16 

(c) 2009 Irish Times 
File 710 :Times/Sun. Times (London) Jun 1988-2009/Jul 15 

(c) 2009 Times Newspapers 
File 711 : Independent (London) Sep 1988-2006/Dec 12 

(c) 2006 Newspaper Publ . PLC 
*File 711: This file does not update. See NewsRoom for full 
daily coverage from many European sources. 

File 756:Daily/Sunday Telegraph 2000-2009/Jul 16 

(c) 2009 Telegraph Group 
File 757:Mirror Publications/Independent Newspapers 2000-2009/Jul 16 

(c) 2009 

File 47:Gale Group Magazine DB(TM) 1959-2009/Jul 03 

(c) 2009 Gale/Cengage 
File 347:JAPIO Dec 1976-2009/Mar (Updated 090708) 

(c) 2009 JPO & JAPIO 
File 348:EUROPEAN PATENTS 1978-200928 

(c) 2009 European Patent Office 
File 349:PCT FULLTEXT 1979-2009/UB=20090709 | UT=20090702 

(c) 2009 WIPO/Thomson 

Set Items Description 



? s pd<20020213 

Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 



Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 

Processing 
Processing 
Processing 
Processing 
Processing 

>>>One or more prefixes are unsupported 

>>> or undefined in one or more files. 

Processed 10 of 51 files . . . 

Processing 

Processing 

Processing 

Processing 



Processing 
Processing 
Processing 

Processed 20 of 51 files . . . 

Processing 

Processing 

Processing 

Processing 

Processing 

Processed 30 of 51 files . . . 

Processing 

Processing 

Processed 40 of 51 files . . . 

Processing 

Processing 

Processing 

Processing 

Processing 

Processed 50 of 51 files . . . 
Processing 

Completed processing all files 
S1102245930 PD<20020213 



>>> Retrying request [1] 

? s sl and ((distribute or distributes or distributed or distributing or 
distribution)(4n)(content or contents or music or musical or song or songs or media 
or multimedia)) 

Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 



Processing 
Processing 

Processing 
Processing 
Processing 

Processed 10 of 51 files . . . 

Processing 

Processing 

Processing 

Processed 20 of 51 files . . . 

Processing 

Processing 

Processed 30 of 51 files . . . 
Processing 

Processed 40 of 51 files . . . 

Processing 

Processing 

Processed 50 of 51 files . . . 
Completed processing all files 
102245930 SI 
1425545 DISTRIBUTE 

886541 DISTRIBUTES 
5661193 DISTRIBUTED 
771739 DISTRIBUTING 
11360180 DISTRIBUTION 
7431452 CONTENT 
139 0655 CONTENTS 
5582264 MUSIC 
1587694 MUSICAL 
1395369 SONG 
1140302 SONGS 
14923984 MEDIA 
2270850 MULTIMEDIA 

1251163 ((((DISTRIBUTE OR DISTRIBUTES) OR DISTRIBUTED) OR 

DISTRIBUTING) OR DISTRIBUTION) ( 4N) (((((( (CONTENT OR 
CONTENTS) OR MUSIC) OR MUSICAL) OR SONG) OR SONGS) OR 
MEDIA) OR MULTIMEDIA) 
S2 210207 SI AND ((DISTRIBUTE OR DISTRIBUTES OR DISTRIBUTED OR 
DISTRIBUTING OR DISTRIBUTION) (4N) (CONTENT OR CONTENTS 

OR 

MUSIC OR MUSICAL OR SONG OR SONGS OR MEDIA OR 
MULTIMEDIA) ) 

? s sl and ((distribute or distributes or distributed or distributing or 
distribution)(4n)((digital or e!ectronic)(2n)(work or works or book or books))) 



Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 



Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 

Processing 
Processing 
Processed 
Processing 
Processing 
Processing 
Processed 20 of 
Processing 
Processed 30 of 
Processing 
Processed 40 of 
Processing 
Processed 50 of 
Completed process 
102245930 
1425545 
886541 
5661193 
771739 
11360180 
7141996 
10448035 
27646131 
7134703 
7865637 
5070028 
2869 



10 of 51 files 



51 files 
51 files 



51 files . . . 

51 files . . . 
.ng all files 

SI 

DISTRIBUTE 

DISTRIBUTES 

DISTRIBUTED 

DISTRIBUTING 

DISTRIBUTION 

DIGITAL 

ELECTRONIC 

WORK 

WORKS 

BOOK 

BOOKS 

((((DISTRIBUTE OR DISTRIBUTES) OR DISTRIBUTED) OR 
DISTRIBUTING) OR DISTRIBUTION) (4N) (DIGITAL OR 
ELECTRONIC) (2N) (( (WORK OR WORKS) OR BOOK) OR BOOKS) 
SI AND ((DISTRIBUTE OR DISTRIBUTES OR DISTRIBUTED OR 
DISTRIBUTING OR DISTRIBUTION) (4N) ((DIGITAL OR 
ELECTRONIC) (2N) (WORK OR WORKS OR BOOK OR BOOKS) ) ) 



Set Items 

51 102245930 

52 210207 
DISTR- 

OR - 



Description 
PD<20020213 

SI AND ((DISTRIBUTE OR DISTRIBUTES OR DISTRIBUTED OR 
IBUTING OR DISTRIBUTION) (4N) (CONTENT OR CONTENTS OR MUSIC 
MUSICAL OR SONG OR SONGS OR MEDIA OR MULTIMEDIA) ) 



S3 1824 SI AND ((DISTRIBUTE OR DISTRIBUTES OR DISTRIBUTED OR 

DISTR- 
IBUTING OR DISTRIBUTION) (4N) ( (DIGITAL OR 

ELECTRONIC) (2N) (WORK 

OR WORKS OR BOOK OR BOOKS))) 

? s (s2 or s3) and ((rights or license or licensing or licensed or licenses or 
licensed)(5n)(manage or manages or managed or managing or management)) 

Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 

Processing 
Processing 

Processed 10 of 51 files . . . 

Processing 

Processing 

Processing 

Processed 20 of 51 files . . . 
Processing 

Processed 30 of 51 files . . . 
Processing 

Completed processing all files 

210207 S2 

1824 S3 

10492005 RIGHTS 

3139601 LICENSE 

3081522 LICENSING 

2145204 LICENSED 

1384470 LICENSES 

2145204 LICENSED 

5074064 MANAGE 

162 7326 MANAGES 

5611119 MANAGED 

6544662 MANAGING 

28433200 MANAGEMENT 

322423 (((((RIGHTS OR LICENSE) OR LICENSING) OR LICENSED) OR 
LICENSES) OR LICENSED) ( 5N) ((( (MANAGE OR MANAGES) OR 
MANAGED) OR MANAGING) OR MANAGEMENT) 

S4 10080 (S2 OR S3) AND ((RIGHTS OR LICENSE OR LICENSING OR 



MANAGES 



LICENSED OR LICENSES OR LICENSED) (5N) (MANAGE OR 
OR MANAGED OR MANAGING OR MANAGEMENT)) 



>>> Retrying request [1] 

? s s4 and ((update or updates or updating or updated or change or changes or 
changed or changing)(5n)(RIGHTS OR copyright or copyrights or LICENSE OR 
LICENSING OR LICENSED OR LICENSES OR LICENSED)) 

Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 

Processing 
Processing 

Processed 10 of 51 files . . . 

Processing 

Processing 

Processed 20 of 51 files . . . 

Processing 

Processing 

Processed 30 of 51 files . . . 
Processing 

Processed 40 of 51 files . . . 
Processing 

Processed 50 of 51 files . . . 
Completed processing all files 

10080 S4 

5682361 UPDATE 

1338008 UPDATES 

566191 UPDATING 

1824890 UPDATED 

17557375 CHANGE 

14054067 CHANGES 

7039154 CHANGED 

496 4061 CHANGING 

10492005 RIGHTS 

13442879 COPYRIGHT 



284652 COPYRIGHTS 
3139601 LICENSE 
3081522 LICENSING 
2145204 LICENSED 
1384470 LICENSES 
2145204 LICENSED 
376834 (((((( (UPDATE OR UPDATES) OR UPDATING) OR UPDATED) OR 
CHANGE) OR CHANGES) OR CHANGED) OR 
CHANGING) (5N) (((((( (RIGHTS OR COPYRIGHT) OR 



COPYRIGHTS) 



OR LICENSE) OR LICENSING) OR LICENSED) OR LICENSES) 
LICENSED) 

S4 AND ( (UPDATE OR UPDATES OR UPDATING OR UPDATED OR 
CHANGE OR CHANGES OR CHANGED OR CHANGING) (5N) (RIGHTS 

COPYRIGHT OR COPYRIGHTS OR LICENSE OR LICENSING OR 
LICENSED OR LICENSES OR LICENSED) ) 



>>> Retrying request [1] 

? s s5 and ((primary or main or first or initial or initially) (3n) (circulate or circulates 
or circulated or circulating or circulation or distribution or distribute or distributed 
or distributes or distributing)) 

Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 
Processing 

Processing 
Processing 

Processed 10 of 51 files . . . 

Processing 

Processing 

Processing 



Processed 20 of 51 files . . . 
Processing 

Processed 30 of 51 files . . . 
Processing 

Processed 40 of 51 files . . . 

Processing 

Processing 

Processed 50 of 51 files . . . 
Processing 

Completed processing all files 
382 S5 
6256334 PRIMARY 
10330481 MAIN 
54999552 FIRST 
6567351 INITIAL 
3269809 INITIALLY 
125349 CIRCULATE 

50889 CIRCULATES 
320206 CIRCULATED 
384179 CIRCULATING 
981302 CIRCULATION 
11360180 DISTRIBUTION 
1425545 DISTRIBUTE 
5661193 DISTRIBUTED 
886541 DISTRIBUTES 
771739 DISTRIBUTING 

278678 ((((PRIMARY OR MAIN) OR FIRST) OR INITIAL) OR 

INITIALLY) (3N) (((((((( (CIRCULATE OR CIRCULATES) OR 
CIRCULATED) OR CIRCULATING) OR CIRCULATION) OR 
DISTRIBUTION) OR DISTRIBUTE) OR DISTRIBUTED) OR 
DISTRIBUTES) OR DISTRIBUTING) 
S6 81 S5 AND ((PRIMARY OR MAIN OR FIRST OR INITIAL OR 

INITIALLY) (3N) (CIRCULATE OR CIRCULATES OR CIRCULATED 

OR 

CIRCULATING OR CIRCULATION OR DISTRIBUTION OR 

DISTRIBUTE 

OR DISTRIBUTED OR DISTRIBUTES OR DISTRIBUTING) ) 

? s s5 ((secondary or additional or uncirculated or unpurchased or 
(non(w) (circulated or purchased)))(5n)(circulate or circulates or circulated or 
circulating or circulation or distribution or distribute or distributed or distributes 
or distributing)(5n)(content or contents or music or musical or song or songs or 
work or works or contents)) 

>>>Invalid syntax 

? s s5 and ((secondary or additional or uncirculated or unpurchased or 
(non(w) (circulated or purchased)))(5n)(circulate or circulates or circulated or 
circulating or circulation or distribution or distribute or distributed or distributes 
or distributing)(5n)(content or contents or music or musical or song or songs or 
work or works or contents)) 



Processing 
Processing 



Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processing 

Processed 10 of 51 files . . . 

Processing 

Processing 

Processing 

Processed 20 of 51 files . . . 
Processing 

Processed 30 of 51 files . . . 
Processing 

Processed 40 of 51 files . . . 
Processing 

Processed 50 of 51 files . . . 
Processing 

Completed processing all files 
382 S5 
3101190 SECONDARY 
15873162 ADDITIONAL 

1985 UNCIRCULATED 
102 8 UNPURCHASED 
13808923 NON 

320208 CIRCULATED 
3342354 PURCHASED 

212 NON(W) (CIRCULATED OR PURCHASED) 
125351 CIRCULATE 

50889 CIRCULATES 
320208 CIRCULATED 
384183 CIRCULATING 
981306 CIRCULATION 
11360212 DISTRIBUTION 
1425546 DISTRIBUTE 
5661202 DISTRIBUTED 
886542 DISTRIBUTES 
771742 DISTRIBUTING 
7431460 CONTENT 
1390660 CONTENTS 



5582339 
1587719 
1395396 
1140322 
27646663 
7134786 
1390660 
6653 



CIRCULATED OR 
DISTRIBUTE 



MUSIC 

MUSICAL 

SONG 

SONGS 

WORK 

WORKS 

CONTENTS 

((((SECONDARY OR ADDITIONAL) OR UNCIRCULATED) OR 
UNPURCHASED) OR NON(W) (CIRCULATED OR 

PURCHASED) ) (5N) (((((((( (CIRCULATE OR CIRCULATES) OR 
CIRCULATED) OR CIRCULATING) OR CIRCULATION) OR 
DISTRIBUTION) OR DISTRIBUTE) OR DISTRIBUTED) OR 
DISTRIBUTES) OR DISTRIBUTING) (5N) ((((((( (CONTENT OR 
CONTENTS) OR MUSIC) OR MUSICAL) OR SONG) OR SONGS) OR 
WORK) OR WORKS) OR CONTENTS) 

S5 AND ((SECONDARY OR ADDITIONAL OR UNCIRCULATED OR 
UNPURCHASED OR (NON(W) (CIRCULATED OR 
PURCHASED) )) (5N) (CIRCULATE OR CIRCULATES OR 

CIRCULATING OR CIRCULATION OR DISTRIBUTION OR 

OR DISTRIBUTED OR DISTRIBUTES OR 

DISTRIBUTING) (5N) (CONTENT OR CONTENTS OR MUSIC OR 



OR SONG OR SONGS OR WORK OR WORKS OR CONTENTS)) 



?rd 



>>>Duplicate detection is not supported for File 347. 

>>>Duplicate detection is not supported for File 348. 

>>>Duplicate detection is not supported for File 349. 

>>>Records from unsupported files will be retained in the RD set. 
S8 25 RD (unique items) 



? t s8/3/all 



>>> Retrying request [1] 

8/3/1 (Item 1 from file: 15) 

DIALOG(R)File 15: ABI/Inform(R) 

(c) 2009 ProQuest Info&Learning. All rights reserved. 

02088220 63530351 

Napster: Copyright killer or distribution hero? 

Sherman, Chris 

Online v24n6 pp: 16-28 

Nov/Dec 2000 

ISSN: 0146-5422 Journal Code: ONL 
Word Count: 4918 



8/3/2 (Item 2 from file: 15) 

DIALOG(R)File 15: ABMnform(R) 

(c) 2009 ProQuest Info&Learning. All rights reserved. 

01980600 49070773 

Case study: Document management for a SONGS 

Keown, Joel 

Inform vl4nl pp: 48-52 
Jan/Feb 2000 

ISSN: 0892-3876 Journal Code: IFN 
Word Count: 3002 



Dialog cl ink: Order fik- i lisU>r\ 

8/3/3 (Item 1 from file: 348) 

DIALOG(R)File 348: EUROPEAN PATENTS 

(c) 2009 European Patent Office. All rights reserved. 

01445561 

System and method for managing copyrights and payments in connection with 
content distribution and circulation 

Vorrichtung und Verfahren um Urheberechte und Zahlungen zu verwalten in 
Zusammenhang mit Inhaltsabgabe und -weitergabe 

Systeme et methode de gestion des copyrights et paiements afferents a la distribution et la 
transmission de contenus 

Patent Assignee: 

. MATSUSHITA ELECTRIC INDUSTRIAL CO., LTD.; (216883) 
1006, Oaza-Kadoma; Kadoma-shi, Osaka 571-8501; (JP) 
(Applicant designated States: all) 

Inventor: 

• Namba, Takaaki 

6- 1, Futakata-cho, Nishi-ku; Nagoya-shi, Aichi, 452-0817; (JP) 

• Matsuo, Takashi 

7- 20-2, Tsuchihashi, Miyamae-ku; Kawasaki-shi, Kanagawa, 216-0005; (JP) 

• Higashi, Akio 

B-406, Hiyoshidainanabanchou 25; Takatsuki-shi, Osaka, 569-1022; (JP) 

• Nakahara, Tohru 

1- 4-40, Nonakaminami, Yadogawa-ku; Osaka-shi, Osaka, 532-0022; (JP) 

• Murakami, Hiroki 

2- 8-5, Tsukumodai; Suita-shi, Osaka, 565-0862; (JP) 



Legal Representative: 



. Balsters, Robert et al (83703) 

Novagraaf International S.A. 25, avenue du Pailly; 1220 Les Avanchets - Geneva; 
(CH) 



ICountry 


i Number 


Kind| Date 


Patent IP 


11235174 


A2 120020828 (Basic i 


i |EP 


11235174 


A3 |20040l 21 


j Application \\iP 


2002003117 


20020213 


^Priorities IJP 


200136523 


120010214 



Designated States: 

DE; FR; GB; 



Extended Designated States: 

AL; LT; LV; MK; RO; SI; 

International Patent Class (V7): G06F-017/60; G06F-001/00; H04N-007/24Abstract 



Word Count: 139 
NOTE: 2 

NOTE: Figure number on first page: 2 




Legal Status Type Pub. Date Kind iText; 


Language Publication: English 
Procedural: English 
Application: English 


iFulltext Availability Available Text Language 


I'pdate W ord Count 


iCLAIMS A j(English) 


200235 3283 


SPEC A j( English) 


200235 9489 


Total Word Count ( Document A ) 1 2772 


Total Word Count (Document B) 0 


Total Word Count (All Documents) 12772 


Dialog cLink: Order File History 

8/3/4 (Item 2 from file: 348) 

DIALOG(R)File 348: EUROPEAN PATENTS 



(c) 2009 European Patent Office. All rights reserved. 



01311422 



DATA DISTRIBUTION SYSTEM AND RECORDER FOR USE THEREIN 

DATENVERTEILUNGSVORRICHTUNG UND ZUGEHORIGES 
AUFZEICHNUNGSGERAT 

SYSTEME DE DISTRIBUTION DE DONNEES ET ENREGISTREUR UTILISE 
AVEC CE SYSTEME 

Patent Assignee: 

. Sanyo Electric Co., Ltd.; (2206455) 

5-5, Keihan-Hondori 2-chome,; Moriguchi-shi, Osaka 570-8677; (JP) 

(Applicant designated States: all) 
. PFU LIMITED; (930123) 

Nu-98-2, Aza-Unoke, Unoke-machi; Kahoku-gun Ishikawa 929-1125; (JP) 

(Applicant designated States: all) 
. FUJITSU LIMITED; (21 1463) 

1-1, Kamikodanaka 4-chome, Nakahara-ku; Kawasaki-shi, Kanagawa 211-8588; 

(JP) 

(Applicant designated States: all) 
. Hitachi, Ltd.; (204145) 

6 Kanda Surugadai 4-chome; Chiyoda-ku, Tokyo 101-8010; (JP) 

(Applicant designated States: all) 
• Nippon Columbia Co., Ltd.; (2395621) 

14-14 Akasaka 4-chome, Minato-ku; Tokyo 107-8011; (JP) 

(Applicant designated States: all) 

Inventor: 

. HORI, Yoshihiro, Sanyo Electric Co., Ltd. 

5-5, Keihanhondori 2-chome; Moriguchi-shi, Osaka 570-8677; (JP) 
. HIOKI, Toshiaki, Sanyo Electric Co., Ltd. 

5-5, Keihanhondori 2-chome; Moriguchi-shi, Osaka 570-8677; (JP) 
. KANAMORI, Miwa, Sanyo Electric Co., Ltd. 

5-5, Keihanhondori 2-chome; Moriguchi-shi, Osaka 570-8677; (JP) 
. TAKAHASHI, Masataka, PFU Limited 

Aza Unoke Nu98-2, Unoke-machi; Kahoku-gun, Ishikawa 929-1192; (JP) 
. HASEBE, Takayuki, Fujitsu Limited 

1-1, Kamikodanaka 4-chome, Nakahara-ku; Kawasaki-shi, Kanagawa 211-8588; 

(JP) 

. YOSHIOKA, Makoto, Fujitsu Limited 

1-1, Kamikodanak 4-chome, Nakahara-ku; Kawasaki-shi, Kanagawa 211-8588; 
(JP) 

. HATAKEYAMA, Takahisa, Fujitsu Limited 

1-1, Kamikodanaka 4-chome, Nakahara-ku; Kawasaki-shi, Kanagawa 211-8588; 
(JP) 

. TONEGAWA, Tadaaki, Semicond. & Integr. Circuits 

Hitachi, Ltd., 20-1, Josuihoncho 5-chome; Kodaira-shi, Tokyo 187-8588; (JP) 



. ANAZAWA, Takeaki, Nippon Columbia Co., Ltd. 

14-14,Akasaka 4-chome, Minato-ku; Tokyo 107-8011; (JP) 

Legal Representative: 



. Glawe. Delfs. Moll (100699) 

Patentanwalte Postfach 26 01 62; 80058 Munchen; (DE) 



i Country 


1 Number 


Kind Date 


Patent EP 


1237326 


Al 20020904 (Basic) 


| [wo 


2001043342 


120010614 


; Application EP 


2000979088 


|2000I205 


jwo 


2000JP8593 


120001205 


jPriorities jJP 


199346861 


[19991206 



Designated States: 

DE; FR; GB; 
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Specification: ...a primary circulation of a content. Processing concerning a primary 
circulation of a content is performed as follows. The content distributing device All 
receives distribution of a content from the content providing device 1 via the content 
exchanging device 15. Then, the content distribution management device 17 manages 
purchase, usage and so on of the content in the content distributing device All. 



A primary circulation of a content performed by the system 10 will be explained below 

with reference to Fig. 4, Fig. 5 and Figs. 6A (equivalent to) 6C 5 is a diagram 

showing a detailed example of information which is communicated between each device 
(the content exchanging device 15 is omitted) with the content distribution management 
device 17 as a center in connection with a primary circulation of a content. 

Also, a management information table 400 in Fig. 6A, which is a table in use for 
managing copyrights and payments per content, is stored in a memory unit 179 of the 
content distribution management device 17. In the management information table 400, 

information such as a name of a content (or an ID of a content) subject to Internet 

such as "www.xxx.co.jp/con(underscore)server/" is actually registered (same as above 
hereinafter). 

Note that, in addition to the above information, content-related information concerning 
content distribution such as a license of copy control, a content distribution time 
estimated based on a content size (depending upon a compression ratio) and a network 
band (it is possible, in this case, to shorten a time required for distribution of a content 
even via a network with a same band if a smaller size of a content is selected), quality of 

a content (it is possible, in Further, Figs. 6B and 6C show how the details of the 

management information table 400 change in accordance with the purchase and usage of 
a content by the content distributing device All. 

(1) The content providing device 1 sends a rule registration request to the content 
distribution management device 17 via the network 19 in order to register usage rules of 
a content which is distributable to a content distributing device (Step S401). At this 
time, the content providing device 1 sends key information, usage rules, payment 

information, etc. per content name, as shown in 400 in Fig. 6A, for example. This 

corresponds to the processing of a 401, 403 rule registration request (Step S501) in Fig. 5. 

(2) The content distribution management device 17 checks details of the rule 
registration request received from the content providing device 1 . As a result of the 
check, when the content distribution management device 17 decides that the rule 
registration request is unacceptable, it sends a rule registration response "failed" to the 

content providing device 1 (Step and takes the measures, and then the processing of 

the above (1) and the following is re-performed. 

(3) On the other hand, when the content distribution management device 17 decides that 
the rule registration request received from the content providing device 1 is acceptable, it 

sends a rule registration response "completed a list registration request to the content 

exchanging device 15 via the network 19 in order to register information required for 
search for selecting a content which is to be distributed to a user (Step S41 1). In this 
case, the information such as usage rules, payment information and others is sent per 
content name, as shown... the content providing device 1 receives the list registration 
response "completed", it performs the processing as shown in (7) below and the 
following. 



(7) The content distributing device All specifies a search keyword ("content A" or the 

like as a content name, for example) (Step S420), and sends a list search network 19 

and a list of the search results. 

(8) The content exchanging device 15 checks details of the list search request received 
from the content distributing device A 1 1 . As a result of the check, when the content 
exchanging device 15 decides that the list search request is unacceptable, it sends a list 
search response "failed" to the content distributing device All (Step S423). When the 
content distributing device All receives the list search response "failed", a user tracks 

down the factors of the problem of being "failed" and takes the measures the above 

(7) and the following is re-performed. 

(9) If the content exchanging device 15 decides that the list search request received from 
the content distributing device A 1 1 is acceptable, it sends a list search response 
"completed" as well as a list of the search results to the content distributing device All 
(Step S423). When the content distributing device A 1 1 receives the list and the list 
search response "completed", it performs the processing as shown in (10) below and the 
following. 

(10) The content distributing device All selects a content that meets desired usage 
rules among the received list, (and thereby, a distributor device of this content is 
specified). At this time, the content distributing device All sets weighting factors 
corresponding to the degree of closeness to the desired usage rules, and selects a content 
having the biggest value obtained by multiplying weighting factors of respective usage 
rules. In Fig. 6A, for example, assume that a user of the content distributing device A 

1 1 makes a keyword search using a key word "content A" as a "content name", and as a 

result, a content A 401 Note that it may be configured so that the above processing 

for selecting a content be performed in the content exchanging device 15. 

(11) The content distributing device All sends a content distribution request to the 
content providing device 1 in order to receive the distribution of the content A 403 
selected in the above-mentioned processing (10) (Step S431). This corresponds to the 
processing of a 403 content distribution request (Step S505) in Fig. 5. The content 
distributing device All usually requests the content providing device 1 to distribute a 
content to the content distributing device A 1 1 itself. However, a user of the content 
distributing device All can specify another device (the content distributing device B 
13, for example) than the device that made the request (that is, the content distributing 
device A 1 1) as a device to be distributed, because a device to distribute and a device to 
be distributed as well as a content are specified when a content distribution request is 
made (Step S433B). In other words, it becomes possible to make distribute a content as 
a gift. 

(12) The content providing device 1 checks details of the content distribution request 
received from the content distributing device A 1 1. As a result of the check, when the 
content providing device 1 decides that the content distribution request is unacceptable, 
it sends a content distribution response "failed" to the content distributing device All 



(Step S433, Step S507). When the content distributing device All receives the content 
distribution response "failed", a user tracks down the factors of the problem of being 
"failed" and takes the measures, and then the above-mentioned processing of (1 1) and the 
following are re-performed. 

(13) When the content providing device 1 decides that the content distribution request 
received from the content distribution device A 1 1 is acceptable, it sends a content 
distribution response "completed" as well as a non-purchased encrypted content to the 
content distributing device All (Step S433). In Fig. 5, this corresponds to the 
processing of a 403 content distribution response (Step S507) in Fig. 5. When the 
content distributing device A 1 1 receives the content distribution response 
"completed", it performs the processing as shown in (14) below and the following. 

Note that, in Fig. 4, the case where a content is distributed from the content providing 
device 1 to the content distributing device B 13 as a gift is shown by dashed lines. 

(14) The content distributing device All sends a content purchase request to the 
content distribution management device 17 in order to purchase a content based on a 
user's ...details of copyright-related information as each usage rule. Thereby, even if a 
request to use a content in a new manner arises and a content distributing device 
meeting this request is produced, it is possible to extend the system of the present 
invention flexibly by adding a new function for usage rule processing to a content 
distributing device as a distributor (a content providing device in the present invention). 
Note that when the content distributing device A 1 1 distributes a non-purchased 
content, that is, it intermediates a content, the following processing (15) (equivalent 
to)(17) is not performed. 

(15) The content distribution management device 17 checks details of the content 
purchase request received from the content distributing device A 1 1 . As a result of the 
check, when the content distribution management device 17 decides that the content 
purchase request is unacceptable, it sends a content purchase response "failed" to the 
content distributing device All. When the content distributing device All receives 
the content purchase response "failed", a user tracks down the factors of the problem of 
being "failed" and takes the measures, and then the above processing of (14) and the 
following is performed. 

(16) When the content distribution management device 17 decides that the content 
purchase request received from the content distributing device A 1 1 is acceptable, it 
updates the details of the management information table 400 stored in the memory unit 
179 of the content distribution management device 17, and sends a content purchase 
response "completed" as well as copyright-related information to the content 
distributing device All (Step S453). This corresponds to the processing of a 403 
purchase response (reproduction 1 day, distributed one by one among 7 rights) (Step 
S51 1) in Fig. 5. When the content distributing device All receives the purchase 
response "completed" and so on, it performs the processing of (17) below and the 
following. 



More specifically, in order rights of a new added content A 411 is described as "7". 

Further, the "address of distributor" of the content A 411 is revised from "content 
providing device" to "content distributing device A". Note that since a content is 
purchased in this example, "payment information" of the content A 41 1 is described as 

"not for sale key information of the content A 41 1 "zzz", which is different from the 

key information of the content A 403 "yyy", is received from the content distribution 
management device 17 and described. 

Further, the content distribution management device 17 acquires 1 yen, for example, as 
a management fee for right movement from the content providing device 1 or the content 
distributing device A 1 1 to make a profit. Note that as a business of the owner of the 
content distribution management device 17, he/she may, instead of or in addition to 

acquiring the above management fee, add an advertisement such as an e-mail the 

owner acquires 1 yen of an advertising rate for one addition of the advertisement, 
regardless of the advertisement style. 

When a user of the content distributing device A 1 1 exercises reproduction rights for 4 
days of a content after he/she purchases it, the number of rights on the management 
information table 400 is revised from "7" to "3" by a copyright management processing 
unit 173 of the content distribution management device 17, as shown in a column of the 
content A 41 1 in Fig. 6C. When the reproduction rights are exercised, the content 
distributing device All makes a license request to the content distribution 
management device 17 every time the reproduction right is exercised second and 
onward. The content distribution management device 17 decides the licensing based 
on the remaining number of reproduction rights and sends back the license response. The 
content distributing device All receives the license response (including usage rules) 
and then the user views the content. 

Note that when a user of the content distributing device All purchases many (1,000, 
for example) number of rights, it is troublesome to make a license request to the content 
distribution management device 17 every time of the purchase. In such a case, it can be 
controlled so that the number of rights is decremented eveiy time the usage rule deciding 
unit 125 reproduces the content while the purchased number of rights is stored in the 
memory 123 of the content distributing device A 1 1. In this case, the user of the 
content distributing device All prohibits access to the number of rights stored in the 
memory unit 123. 

Note that as to the copyright-related information, the usage rules are distributed from the 
content distribution management device 17 to the content distributing device A 1 1 in a 
minimum unit (any ...purchased under the rule of 1-time use or control free, it is used or 
controlled without making a license request. As a result, the content distributing device 
A 1 1 to which the usage rules are distributed decides the minimum unit of the usage rules 
only and performs the processing. 



(17) The content distribution management device 17 sends a distribution notice (a 
purchase notice) to the content providing device 1. Thereby, it is notified that the rights to 
use purchase notice, 1,400 yen) (Step S513) in Fig. 5. 

(18) When the content providing device 1 receives the allocation notice (purchase notice) 
from the content distribution management device 17, it sends an allocation confirmation 
(a purchase confirmation) to the content distribution management device 17 (Step 
S473). This corresponds to the processing of an allocation confirmation (a purchase 
confirmation, 1,400 yen) (Step S515) in Fig. 5. 

As described above, the system for performing copyright management and payment 
management concerning the copyrights independently upon distribution of an encrypted 
content in a content distribution management device is built, and thereby it becomes 
possible to prevent copyright infringements caused by illegitimate file exchange or the 
like. 

(The Second Embodiment) 

In the first embodiment, the case where copyright management and payment management 
in a primary circulation of a content are performed by a content distribution 
management device was explained. In the second embodiment, the case where copyright 
management and payment management in a secondary circulation of a content are 
performed by a content distribution management device will be explained. 

Note that explanation of the configuration similar to that of the first embodiment will be 
omitted, and instead, the configuration peculiar to the second embodiment will be 
focused on. 

Fig. 7 is a block diagram showing a functional configuration of each device in a content 
distribution management system 20 according to the second embodiment, in which how 
communication is performed between each device in a secondary circulation of a 
content is illustrated. More specifically, Fig. 7 is a diagram showing the case where the 
content distributing device B 13 receives an encrypted content in a secondary 
circulation from the content distributing device A 1 1 which obtained the content in a 
primary circulation (purchased or non-purchased). Although the functional 
configuration of the content distributing device B 13 is newly illustrated in Fig. 7, it is 
basically same as that of the content distributing device A 1 1 in the above first 
embodiment. Note that the content distributing device A 11 in Fig. 7 also has functions 
of the content providing device 1 in the first embodiment. Further, when a non- 
purchased content is purchased in a secondary circulation, the content distribution 
management device 17 allocates an intermediary fee to an intermediary of the content, 

and collects a management fee from at least one of a provider management fee from 

plural ones or all of these, of course. When a content is provided by the content providing 
device 1, intermediated by the content distributing device All, and then purchased by 
the content providing device B 13, for example, the content distribution management 
device 17 allocates an intermediary fee to the content distributing device All, and 



collects a management fee from the content providing device 1 and the content 
distributing device B 13. 

Fig 8 is a diagram of a communication sequence in the case where a purchased content 
and a non-purchased content according to the second embodiment are in a secondary 
circulation. Here, "a purchased content" means an encrypted content that can be 
decrypted because payment processing was performed between a content distributing 
device and a content distribution management device, and "a non-purchased content" 
means an encrypted content that can not be decrypted because payment processing was 
not performed between a content distributing device and a content distribution 
management device. 

The communication sequence of Fig. 8 is different from that of Fig. 4 in that an 
intermediation notice that an intermediary fee will be allocated from the content 
distribution management device 17 to the content distributing device A 11 is added, 
when the content distributing device B 13 purchased a content through the 
intermediation of the content distributing device All. Note that when the content 
distributing device B 13 secondarily circulates a content which was purchased by the 
content distributing device A 1 1 in a primary circulation, the communication 
sequence of Fig. 8 is same as that of Fig. 4 where a content is primarily circulated from 
the content providing device 1 to the content distributing device A 1 1 in the first 
embodiment. 

Fig. 9 is a diagram showing a detailed example of information which is communicated 
between each device with the content distribution management device 17 as a center in 
the case where the content distributing device A 1 1 secondarily circulates a content 
which was purchased from the content providing device 1 further to the content 
distributing deice B 13. Note that in Fig. 9, communication of information in a primary 
circulation and a content distribution processing from the content distributing device 
A 11 to the content distributing device B 13 in a secondary circulation are omitted. 

Figs. 10A (equivalent to) 10D are examples showing how details of a management 
information table 600 managed in the content distribution management device 17 
change in the case where a content is purchased in a primary circulation and further 
circulated secondarily. 

Fig. 1 1 is an example of a table showing a circulation history of a content. In the table of 
Fig. 11, addresses of distributor... becomes possible to allocate purchase charges more 
carefully based on this table. 

Fig. 12 is an example showing how communication is specifically performed in the 
content distribution management device 17 in the case where a non-purchased content 
that was distributed in a primary circulation is secondarily circulated. Note that 
communication in the primary circulation is omitted in Fig. 12. 



Figs. 13 A, 13B are examples showing how details of a management information table 
700 managed in the content distribution management device 17 change in the case 
where a non-purchased content is secondarily circulated. 

Methods of copyright management and payment management in the case of a secondary 
circulation of a content in the content distribution management device 17 as shown in 
Fig. 7 will be explained below with reference to Fig. 7 (equivalent to) Fig. 13. 

(19) The content distributing device All purchases a content A 601 according to the 
procedures similar to those of the first embodiment mentioned above (similar to Step 
S501 (equivalent to) Step S515 in Fig. 5). Further, the content distributing device All 
sends a rule registration request of a content A 61 1 which is distributable to other content 
distributing devices via the network 19 to the content distribution management device 
17 (Step S801). This corresponds to the processing of a 61 1 rule registration request 
(Step S613) in Fig. 9. This corresponds to the case where a user of the content 
distributing device A 1 1 offers a content A with the remaining number of rights of 3 for 
sale, or secondhand sale of a content, as shown in Fig. IOC. 

(20) The content distribution management device 17 checks details of the rule 
registration request received from the content distributing device All, and sends a rule 
registration response "failed" to the content distributing device All when the request is 
unacceptable (Step S803), in the same way as the above processing (2). The content 
distributing device All re-performs the processing of (19) above and the following 
after the factors of the problem of being "failed" are tracked down and the measures are 
taken, in the same way as the above processing (2). 

(21) The content distribution management device 17 receives the rule registration 
request from the content distributing device A 1 1 (Step S801), and when it decides that 
the rule registration request is acceptable, it sends a rule registration response 
"completed" to the content distributing device All (Step S803). The content 
distributing device A 11 receives the rule registration response "completed", and then 
performs the processing of (22) below and the following. This corresponds to the 
processing of a 61 1 rule registration response (Step S615) in Fig. 9. As a result, the 
content distribution management device 17 revises description in the "payment 
information" column of the content A 61 1 in the management information table 600 from 

"not for sale Fig. 10C, in order to indicate that the content can be purchased under the 

rule of 180 yen per right for 1 day. 

(22) The content distributing device All sends a registration request of a list of 
contents which are distributable to other content distributing devices via the network 19 
to the content exchanging device 15 (Step S811). 

(23) The content exchanging device 15 checks details of the list registration request 
received from the content distributing device All, and sends a list registration response 
"failed" to the content distributing device All when the request is unacceptable (Step 
S813), in the same way as the above processing (5). The content distributing device A 



1 1 re-performs the processing of (22) above and the following after the factors of the 

problem of being "failed" are tracked down measures are taken, in the same way as 

the above processing (5). 

(24) The content exchanging device 15 receives the list registration request from the 
content distributing device All, and sends a list registration response "completed" to 
the content distributing device All when this request is acceptable (Step S813), in the 
same way as the processing (6) above. The content distributing device All receives the 
list registration response "completed", and then performs the processing of (25) below 
and the following. 

(25) The content distributing device B 13 specifies a search keyword (Step S820), and 

sends a search request of a list of contents which a user desires to acquire in the same 

way as the processing (7) above. 

(26) The content exchanging device 15 checks details of the list search request received 
from the content distributing device B 13, and sends a list search response "failed" to 
the content distributing device B 13 when the request is unacceptable (Step S823), in 
the same way as the above processing (8). The content distributing device B 13 re- 
performs the processing of (25) above and the following after the factors of the problem 

of being "failed" are tracked down measures are taken, in the same way as the above 

processing (8). 

(27) The content exchanging device 15 receives the list search request from the content 
distributing device B 13, and sends a list search response "completed" as well as the list 
to the content distributing device B 13 when this request is acceptable (Step S823), in 
the same way as the processing (9) above. The content distributing device B 13 receives 
the list search response "completed", and then performs the processing of (28) below and 
the following. 

(28) The content distributing device B 13 selects a content that meets desired usage 
rules among the received list (Step S825). 

(29) The content distributing device B 13 sends a content distribution request to the 
content distributing device A 1 1 (Step S831). This corresponds to the processing of a 
703 content distribution request (Step S709) in Fig. 12. 

(30) The content distributing device All checks details of the content distribution 
request received from the content distributing device B 13, and sends a content 
distribution response "failed" to the content distributing device B 13 when the request 
is unacceptable (Step S833), in the same way as the above processing (12). The content 
distributing device B 13 re-performs the processing of (29) above and the following 
after the factors of the problem of being "failed" are tracked down and the measures are 
taken, in the same way as the above processing (12). 



(31) The content distributing device All receives the content distribution request from 
the content distributing device B 13, and sends a content distribution response 
"completed" as well as the non-purchased content or the purchased content to the 
content distributing device B 13 when this request is acceptable (Step S833), in the 
same way as the processing (13) above. The content distributing device B 13 receives 
the content distribution response "completed", and then performs the processing of (32) 
below and the following. This corresponds to the processing of a 703 content 
distribution (Step S711) in Fig. 12. 

(32) By an operation of a user of the content distributing device B 13, a content 

purchase request is sent via the network 19 from the user interface unit 131 of the 
content distributing device B 13 to the content distribution management device 17 in 
order to purchase a content (Step S851). This corresponds to the processing of a 611 

purchase request (reproduction 1 day, 1 Fig. 9, and the processing of a 703 purchase 

request (reproduction 1 day, 1 right, 200 yen) (Step S713) in Fig. 12, respectively. 

(33) The content distribution management device 17 checks details of the request 
received from the content distributing device B 13, and sends a content purchase 
response "failed" to the content distributing device B 13 when the request is 
unacceptable (Step S853), in the same way as the above processing (15). The content 
distributing device B 13 re-performs the processing of (32) above and the following 
after the factors of the problem of being "failed" are tracked down and the measures are 
taken, in the same way as the above processing (15). 

(34) The content distribution management device 17 receives the purchase request from 
the content distributing device B 13, and sends a purchase response "completed" as well 
as the copyright-related information to the content distributing device B 13 when this 
request is acceptable (Step S853), in the same way as the processing (16) above. The 
content distributing device B 13 receives the purchase response "completed", and then 
performs the processing of (35) below and the following. This corresponds to the 

processing of of a 703 purchase response (reproduction 1 day, distribution 1 right) 

(Step S715) in Fig. 12, respectively. 

The copyright management processing unit 173 of the content distribution management 
device 17 revises the number of rights of the content A 61 1 in the management 

information table 600 from "3" to "2", as shown a content A 71 1 is added to the 

management information table 700, and "1" is described for the number of rights. In this 
case, the content distribution management device 17 acquires a management fee for 
right movement (1 yen, for example) as a profit from the content providing device 1, the 
content distributing device A 1 1 or the content distributing device B 13. 

(35) The content distribution management device 17 sends an allocation notice (an 
intermediation notice in the case of intermediating the non-purchased content, and a 
purchase notice in the case of intermediating the purchased content) to the content 
distributing device All (Step S871). This corresponds to the processing of an allocation 



notice (purchase notice, 180 yen) (Step S 621) in Fig. 9, and the processing of an 
allocation notice (intermediation notice, 1 yen) (Step S721) in Fig. 12, respectively. 

(36) The content distributing device All receives the allocation notice (the 
intermediation notice in the case of intermediating the non-purchased content, and the 
purchase notice in the case of intermediating the purchased content) from the content 
distribution management device 17, and then sends an allocation confirmation (an 
intermediation confirmation in the case of intermediating the non-purchased content, and 
a purchase confirmation in the case of intermediating the purchased content) to the 
content distribution management device 17 (Step S873). This corresponds to the 
processing of an allocation confirmation (purchase confirmation 180 yen) (Step S623) in 
Fig. 9, and the processing of an allocation confirmation (intermediation confirmation 1 
yen) (Step S723) in Fig. 12, respectively. 

(37) When the non-purchased content was intermediated, the content distribution 

management device 17 sends an allocation notice (a purchase notice) to the content 
providing device 1 which provided the content (Step S891). This corresponds to... 
...according to an intermediary allocation rate (1 yen/right (0.5%)). 

(38) The content providing device 1 receives the allocation notice (purchase notice) from 
the content distribution management device 17, and then sends an allocation 
confirmation (a purchase confirmation) to the content distribution management device 
17 (Step S893). This corresponds to the processing of the allocation confirmation 
(purchase confirmation, 199 yen) (Step S723) in Fig. 12. 

Fig. 14 shows lists of data regarding intermediaries registered corresponding to IDs of 
devices such as the above content providing device and the content distributing devices. 
Note that these device Ids are defined uniquely by the above addresses. These lists are 
registered in the memory unit 179 of the content distribution management device 17. 
These lists 130, 140, 150 are used for preventing a content from being purchased by a 
dishonest intermediary. 

As for the content by the content providing device 1 is registered. 

Fig. 15 is a flowchart showing a flow of payment allocation processing among payment 
processing in the content distribution management device 17. 

First, when the content distribution management device 17 receives a purchase request 
(Step SI 401), it checks whether the content purchase request includes an intermediary ID 
or not (Step S1402). When the intermediary ID is included, the content distribution 
management device 17 judges that a non-purchased content was intermediated. When 
the intermediary ID of the content is identical with the intermediary ID registered in the 
memory unit 179, the content distribution management device 17 allocates an 
intermediary fee to the intermediary, as well as allocates a purchase charge to the 
distributor of the content (Steps S1406, 1403, 1404). 



On the other hand, when the intermediary ID is not included, the content distribution 

management device 17 judges that a purchased content was further purchased, and 
allocates the purchase charge to the distributor of the content (Steps S1403, 1404). 

As described above, it becomes possible to prevent copyright infringements caused by an 
illegitimate file exchange or the like by building the system for managing distribution of 
an encrypted content separately from copyright management and payment management, 
regardless of a purchased or a non-purchased content, even when the content is 
secondarily circulated. 

Note that although the content exchanging device 15 is different from the content 
distribution management device 17 in the above embodiments, the configuration in 
which both the content exchanging device 15 and the content distribution management 
device 17 are realized in the same device is also included in the present invention. 
Further, the configuration in which the content distributing devices All and B 13, the 
content exchanging device 15 and the content distribution management device 17 are 
realized in the same device is also included in the present invention. 

On the other hand, since the content providing device 1 is not specifically distinguished 
from the content distributing devices A 1 1 and B 13 from a functional viewpoint, it can 
be considered to be a kind of a content distributing device. Therefore, it is obvious that 
each user of each content distributing device may be a content provider. 
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Specification: ...without any appropriate approach taken to protect the copyright, the 
copyright owner may have his/her right infringed significantly. 

However, prioritizing copyright protection and preventing content data distribution on a 
rapidly expanding digital information communication work, is disadvantageous to 



copyright owners, who basically can collect a predetermined copyright fee for copying 
content data. 

In contrast, if digital data recorded in a significant degradation and accordingly 

equipment is configured to prevent copying music data from a recordable MD to another 
MD and thus protect copyright. 

As such, distributing music data, image data and other similar data to the public on a 
digital information communication network is itself a behavior subject to a restriction 
attributed to the public on an information communication network and received. 

Disclosure of the Invention 

One object of the present invention is to provide a data distribution system capable of 
distributing content data on an information communication network for example of 
cellular phones, and a recording device for use in the data distribution system, more 
specifically a memory card. 

Another object of the present invention is to provide a data distribution system capable of 
preventing distributed content data from being replicated without permission of the 
copyright owner, and a recording device for use in the data distribution system, more 
specifically a memory. ..a data distribution system of the present invention. 

Fig. 2 is a list of characteristics of data, information and the like used in a data 
distribution system of a first embodiment for communication. 

Fig. 3 is a list of characteristics of key data and the like used in the data distribution 
system of the first embodiment. 

Fig. 4 is a schematic block diagram showing a configuration of the Fig. 1 license server. 

Fig. 5 is a schematic block diagram showing illustrates contents of access restriction 

information AC1. 

Figs. 9 and 10 are first and second flow charts, respectively, for illustrating an operation 
of the data distribution system of the first embodiment in a distribution session. 

Fig. 1 1 is a flow chart for illustrating an operation in a reproduction session according to 
the first embodiment. 

Figs. 12, 13 and 14 components are denoted by like reference characters. 

Note that hereinafter a description will by way of example be provided of a configuration 
of a data distribution system distributing digital music data to each cellular phone user 
on a cellular phone work, although, as will be apparent from the following description, 
the present invention is not limited thereto and it is also applicable to distributing other 



types of content data, ...data, game programs and other similar content data, on different 
information communication networks. 

First Embodiment 

With reference to Fig. 1, music data in copyright is managed in a license server 10 using 
a predetermined encryption system to encrypt music data, (hereinafter also referred to as 

"content data") and feeding such encrypted content data to for distributing data. An 

authentication server 12 determines whether a cellular phone, a memory card or the like 
of a cellular phone user accessing for distribution of music data is authentic equipment. 

Distribution carrier 20 receives a distribution request from each cellular phone user and 

relays it via its cellular phone network to license server 10. License server 12 that the 

cellular phone user is using an authentic cellular phone, memory card and the like and 
license server 10 further encrypts the requested content data and distributes the 
encrypted content data via the cellular phone network of distribution carrier 20 to the 
cellular phone of the cellular phone user. 

In Fig. 1, for example a license server 10, authentication server 12 and distribution 

carrier 20 will generally be referred to as a distribution server 30. 

Furthermore, a process of transmitting content data from distribution server 30 for 
example to each cellular phone will be referred to as "distribution." 

As such, first of all, if memory card 1 10 is not used, content data distributed by 
distribution server 30 can hardly be received or reproduced as music. 

Furthermore, if whenever distribution carrier 20 distributes the content data of a single 
piece of music the distribution frequency increments and whenever a cellular phone user 
receives or downloads the content data a copyright fee incurs and it is collected by 
distribution carrier 20 together with the phone toll of the cellular phone, the copyright 
owner can readily collect the copyright fee. 

Furthermore such distribution of content data is also advantageous as it is provided in a 
closed system in a form of a cellular phone network, which facilitates developing an 
approach Internet. 

In this context, for example a cellular phone user 2 having a memory card 112 can 
directly receive with his/her cellular phone 102 content data distributed from 
distribution server 30. If cellular phone user 2 receives directly from distribution server 
30 content data or the like having a significant amount of information, however, the data 
reception may require a relatively long period of time. It would be more convenient for 
user 2 if the user can copy the content data from cellular phone user 1 having already 
received the content data distributed from distribution server 30. 



As shown in Fig. 1, copying content data from cellular phone user 1 to the cellular phone 

user 2 equipment together with the and limit information on license ID, access 

reproduction and the like corresponding to the information relating to copyright 
protection, and other similar information. 

Thus, once content data distributed from distribution server 30 is received, it can be 
used on the receiving side flexibly. 

Furthermore, if cellular phones 100 and 102 are personal handy phones (PHSs a 

function can thus be used to replicate information between cellular phone users 1 and 2. 

In the Fig. 1 configuration, to allow enciypted and distributed content data to be 
reproduced on the side of a cellular phone user, a system is initially required to be a 
system for distributing an encryption key in a communication, secondly the exact system 
encrypting content data to be distributed, and thirdly a configuration implementing 
decryption key protection for preventing such distributed content data from being 
copied without permission. 

In the present embodiment, in particular when any of distribution, reproduction and 
replication sessions occurs, whether or not the level. 

Fig. 2 is a list of characteristics of data, information and the like used in the Fig. 1 data 
distribution system for a communication. 

Initially, data distributed from a distribution server will be described. "Data" is content 
data such as music data. Content data Data is encrypted, decryptable with a license 
key.. .a cellular phone user. 

Note that hereinafter, a representation (Y) X will refer to data Y encrypted decryptable 
with a decryption key X. 

Furthermore, the distribution server distributes together with the encrypted content 
data additional information Data-inf corresponding to plaintext information on content 
data or server access. Furthermore, as the license, there exist a content ID serving as a 
code for identifying content data Data and a license ID serving as a management code 
capable of specifying an issuance of a license, and access restriction information AC1 
and reproduction circuit control information AC2 generated from license purchasing 

condition to keep the secret. Keys Ksl-Ks4 are symmetric keys generated by server 

30, cellular phone 100 or 102, memory card 110 or 112 whenever content data is 
distributed, reproduced and replicated. 

Herein, symmetric keys Ksl-Ks4 are unique symmetric keys generated for each "session" 
corresponding to a unit of communication or a unit.. .a signal that can be provided to 
connector 1120. 



Cellular phone 100 further includes a detachably attachable memory card 110 storing and 
decrypting content data (music data) received from distribution server 30, a memory 
interface 1200 controlling data communication between provided memory card 110 and 
data bus BS2, and an authentication data hold unit 1500 Kcom to provide decryption. 

Note that for the purpose of simplifying the description, Fig. 5 only shows a cellular 
phone at a block relating to distribution and reproduction of content data in accordance 
with the present invention. The cellular phone of course has a block relating to 
conversation, which is only partially described herein. 

In 1 106, keyboard 1 108, display 1 1 10, audio reproduction unit 1 1 12, connector 1 120, 

external interface 1122, switch unit 1525 and connection terminal 1530 that correspond 
to the content reproduction unit relating to distributing and reproducing content data. 
Note that cellular phone 100 may have the block group corresponding to the content 

reproduction unit that is configured in the form of a when the key is decrypted with 

authentication key KPma. 

By thus providing a public encryption key of a recording device corresponding to a 
memory card, distributed content data, an encrypted license key and the like can be 
managed for each memory card. 

Memory card 1 10 further includes a data bus BS3 communicating... AC 1 is issued by 
distribution server 30 in a distribution operation according to license purchasing 
condition AC produced, as designated by a user when a license is purchased, and it is 
updated and held in memory card 110 whenever reproduction and replication operations 
are effected. 

Note that in Fig. 6, the portion surrounded by a solid line the Figs. 9 and 10 flow 

chart will be referred to to describe an operation in a distribution session (hereinafter also 
referred to as a distribution operation) provided in purchasing content in the data 
distribution system of the first embodiment. 

In Figs. 9 and 10 is described an operation when cellular phone user 1 uses memory card 
1 10 to receive via cellular phone 100 content data corresponding to music data 
distributed from distribution server 30. 

With reference to Fig. 9, cellular phone user 1 of cellular phone 100 for example presses 

a key button on key unit 1 108 Cp(l))KPma for authentication of a content 

reproduction circuit, a content ID and license purchasing condition data AC to 
distribution server 30 (step SI 04). 

Distribution server 30 receives the content ID, authentication data 
(KPp(l)//Cp(l))KPma, (KPmc(l)//Cmc(l))KPma, (KPp(l)//Cp(l))KPma and license 
purchasing condition AC from cellular... hold unit 1440 (step SI 44). 



When the process up to step S144 normally completes in a memory circuit, cellular 
phone 100 sends a request to distribution server 30 to distribute content data (step 
S146). 

Distribution server 30 receives the content data distribution request, obtains encrypted 
content data (Data)Kc and additional information Data-inf from information database 
340 and outputs these data on data bus BS1 and via communication device 350 (step 
S148). 

Cellular phone 100 and Kmc(l) successfully encrypted and transmitted together with 

class certificates Cp(l) and Cmc(l), respectively, are also confirmed valid, and only then 
can content data be distributed and a sufficient security' level can thus be ensured. 

Reference will now be made to Fig. 1 1 to describe an operation in a reproduction 
session. ..be replicated and if the instruction is issued to replicate all of the remaining 
licenses (step S326) controller 1420 obtains access restriction information AC1 from 
license information hold unit 1440 and updates value Sub(underscore)Move to have a 
value of 0 (step S328). 

If a number of licenses to be replicated that is indicated at step S326) then controller 

1420 obtains access restriction information AC1 from license information hold unit 1440, 
subtracts from value Sub(underscore)Move the input number of licenses to be replicated, 
and updates access restriction information AC1 in license information hold unit 1440 
(step S330). When value Sub(underscore)Move attains 0, any subsequent reproduction 
and replication are prohibited. 

Controller 1420 after it has... recorded in memory 1415, distribution server 30 can newly 
be accessed and only reproduction information can be distributed and received. If only 
reproduction information is distributed and received, again encrypted content data 
(Data)Kc can be reproduced and the user can enjoy listening to the music. 

Although the process of distributing only reproduction information is not represented in 
the form of a flow chart, it corresponds to the distribution session of Figs. 9 and 10 

minus data distribution system of the present embodiment includes a license server 1 1 

in place of license server 10 of distribution server 30 of the data distribution system of 
the first embodiment. Furthermore in the present embodiment the data distribution 
system includes a cellular phone having a configuration of cellular phone 101, rather than 
that of a difference from the Figs. 9 and 10 flow chart of the distribution operation in the 
data distribution system of the first embodiment. 

Fig. 17 describes an operation allowing a cellular phone user using memory card 1 10 to 
receive via cellular phone 101 content data corresponding to music data distributed from 
distribution server 3 1 of the second embodiment. 



With reference to Fig. 17 the second embodiment also provides a distribution operation 
with steps S100 to S128 similar... embodiment can be operated in the same distribution 
system. 

Furthermore, memory card 210 of the third embodiment is also applicable in a 
combination with the distribution system of the first embodiment. More specifically, 
license key Kc and reproduction circuit control information AC2 that are encrypted with 
secret key Kcom in the form of (Kc//AC2)Kcom can be recorded in reproduction 
information hold unit 1430. 

In connection with the above, the distribution system of the first embodiment has its 
process steps modified as will now be described. 

The third embodiment,combined with the first embodiment provides a distribution 

operation, as described in the first embodiment with reference to the Fig. 10 flow chart, 
except that a modification is introduced in the steps S140...only in that memory card 210 
provides a different internal processing and the systems can thus be operated compatible 
with each other. 

Note that the distribution system of the first embodiment differs only in the memory 
card's internal operation and memory card 1 10 of the first embodiment is thus compatible 
with memory card 210 of the third embodiment, and in that sense the distribution 
systems of the first and third embodiment can be combined together and thus operated in 
a single distribution system. 

Note that while in Fig. 21 reproduction information hold unit... 
Claims: ...Al 

1. A data distribution system comprising: 

a content provision device (10, 11) provided to distribute enciypted content data 
((Data)Kc) and a license key (Kc) serving as a decryption key decrypting said encrypted 
content data to obtain plain content data (Data); and 

a plurality of terminals (100, 101) receiving the distribution from said content provision 
device, wherein: 

said content provision device includes 

a first interface unit (350) provided to communicate data externally, and 

a distribution control unit (315) operative an output of said first license data 

encryption unit with said second symmetric key decrypted by said session key decryption 
unit, for provision via said first interface unit for distribution; 



said deciphering unit (1 10, 210) further has 



a first authentication data hold unit (1400) holding said first public encryption key 

determined to correspond to said second decryption unit (1412) receiving said 

reproduction information and access restriction information encrypted with said second 
symmetric key and said second public encryption key and distributed from said content 
provision device, for decryption with said second symmetric key, 

a third key hold unit (1421) holding a second private decryption key (Km(i)) decrypting 
data... 
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Abstract ...to a memory device, such as a memory card, and a content reproduction 
circuit, such as a cellular phone, that are subjected to revocation of distributing, 
reproducing and transferring content data. A distribution control unit (315) suspends an 
operation distributing content data if the distribution is addressed to a class listed on 
the revocation list. The revocation list is also held in the memory card and distribution 
control unit (315) in distributing content also transmits information for updating the 
revocation list in the memory card. 
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Specification: ...without any appropriate approach taken to protect the copyright, the 
copyright owner may have his/her right infringed significantly. 

However, prioritizing copyright protection and preventing content data distribution on a 
rapidly expanding digital information communication work, is disadvantageous to 
copyright owners, who basically can collect a predetermined copyright fee for copying 
content data. 



In contrast, if digital data recorded in a without significant degradation and 

accordingly equipment is configured to prevent copying data from a recordable MD to 
another MD and thus protect copyright. 

As such, distributing music data, image data and other similar data to the public on a 
digital information communication network is itself a behavior subject to a restriction 
attributed to the public on an information communication network and received. 

Disclosure of the Invention 

One object of the present invention is to provide a data distribution system capable of 
distributing content data on an information communication network for example of 
cellular phones, and a recording device for use in the data distribution system, more 
specifically a memory card. 

Another object of the present invention is to provide a data distribution system capable of 
preventing distributed content data from being replicated without permission of the 
copyright owner, and a recording device for use in the data distribution system, more 

specifically a memory holding a class revocation list listing the first class certification 

data subjected to revocation of distribution, and a distribution control unit suspending at 
least a content key from distribution if the first authentication unit obtains the first class 
certification data listed in the class revocation list held in the class revocation list hold 
unit. 

Preferably each terminal class certification data subjected to revocation. In a 

distribution operation each terminal outputs encrypted second class certification data to 
the second interface unit via the first interface unit. The distribution control unit 
suspends the distribution operation if the class revocation list held in the class revocation 
list hold unit includes the second class certification data.. .a data distribution system of the 
present invention. 

Fig. 2 is a list of characteristics of data, information and the like used in a data 
distribution system of a first embodiment for communication. 

Fig. 3 is a list of characteristics of data, information and the like used in the data 
distribution system of the first embodiment for authentication and operating a 
revocation class list. 

Fig. 4 is a list of characteristics of keys relating to encryption in the data distribution 
system of the first embodiment. 

Fig. 5 is a schematic block diagram showing a configuration of a license server shown in 
Fig. 1. 

Fig. 6 is a schematic block are denoted by like reference characters and thus will not 

be described repeatedly. 



In the embodiments of the present invention, a configuration of a data distribution 
system distributing digital music data to each cellular phone user on a cellular phone 
network will be described by way of example, although, as will be apparent from the 
following description, the present invention is not limited thereto and also applicable to 
distributing other content data, such as that of image information, via other information 
communication networks. 

First Embodiment 

With reference to Fig. 1, music data in copyright is managed in a license server 10 using 
a predetermined encryption system to encrypt music data, (hereinafter also referred to as 

"content data") and feeding such encrypted content data to for distributing data. An 

authentication server 12 determines whether a cellular phone, a memory card or the like 
of a cellular phone user accessing for distribution of music data is authentic equipment. 

Distribution carrier 20 receives a distribution request from each cellular phone user and 

relays it via its cellular phone network to license server 10. License server 12 that the 

cellular phone user is using an authentic cellular phone, memory card and the like and 
license server 10 further encrypts the requested content data and distributes the 
encrypted content data via the cellular phone network of distribution carrier 20 to the 
cellular phone of the cellular phone user. 

In Fig. 1, for example a license server 10, authentication server 12 and distribution 

carrier 20 will generally be referred to as a distribution server 30. 

Furthermore, a process of transmitting content data from distribution server 30 for 
example to each cellular phone will be referred to as "distribution." 

As such, first of all, if memory card 1 10 is not used, content data distributed by 
distribution server 30 can hardly be received or reproduced as music. 

Furthermore, if whenever distribution carrier 20 distributes the content data of a single 
piece of music the distribution frequency increments and whenever a cellular phone user 
receives or downloads the content data a copyright fee incurs and it is collected by 
distribution carrier 20 together with the phone toll of the cellular phone, the copyright 
owner can readily collect the copyright fee. 

Furthermore such distribution of content data is also advantageous as it is provided in a 
closed system in a form of a cellular phone network, which facilitates developing an 
approach Internet. 

In this context, for example a cellular phone user 2 having a memory card 112 can 
directly receive with his/her cellular phone 102 content data distributed from 
distribution server 30. If cellular phone user 2 receives directly from distribution server 
30 content data or the like having a significant amount of information, however, the data 
reception may require a relatively long period of time. It would be more convenient for 



user 2 if the user can copy the content data from cellular phone user 1 having already 
received the content data distributed from distribution server 30. 

As shown in Fig. 1, copying content data from cellular phone user 1 to the cellular phone 

user 2 equipment together with the and limit information on license ID, access 

reproduction and the like corresponding to the information relating to copyright 
protection, and other similar information. 

Thus, once content data distributed from distribution server 30 is received, it can be 
used on the receiving side flexibly. 

Furthermore, if cellular phones 100 and 102 are personal handy phones (PHSs a 

function can thus be used to transfer information between cellular phone users 1 and 2. 

In the Fig. 1 configuration, to allow enciypted and distributed content data to be 
reproduced on the side of a cellular phone user, a system is initially required to be a 
system for distributing an encryption key in a communication, secondly the exact system 
encrypting content data to be distributed, and thirdly a configuration implementing 
content data protection for preventing such distributed content data from being copied 
without permission. 

In the present embodiment, in particular when any of distribution, reproduction and 
transfer sessions occurs, whether or not the data. 

Fig. 2 is a list of characteristics of data, information and the like used in the Fig. 1 data 
distribution system for a communication. 

Initially, data distributed from a distribution server will be described. "Data" is content 
data such as music data. Content data Data is encrypted, decryptable with a license key 
Note that hereinafter, a representation (Y) X will refer to data Y enciypted decryptable 
with a decryption key X. 

Furthermore, the distribution server distributes together with the encrypted content 
data additional information Data-inf corresponding to plaintext information on content 
data or server access. Furthermore, as the reproduction information, there exist, other 
than license key Kc, a content ID serving as a code for identifying content data Data and 
a license ID serving as a management code capable of specifying an issuance of a 
license, and access restriction information AC1 and reproduction circuit control 

information AC2 generated from license purchasing condition to as reproduction 

information. 

Reference will now be made to Fig. 3 to describe characteristics of data, information and 
the like used in a data distribution system of the first embodiment for an authentication 
and operating a revocation class list. 



In the present embodiment the class revocation list (CRL) is used to revoke content data 
distribution, reproduction and transfer for each recording device (memory card) and 
each content reproduction circuit (cellular phone) class. Hereinafter, CRL will also 

represent data in the class revocation list includes CRL data listing classes of content 

reproduction circuits and memory cards that are revoked from receiving, reproducing and 
transferring a distributed license. 

CRL data is managed in the distribution server and also recorded and thus held in a 
memory card. Such a class revocation list needs to be upgraded, as appropriate secret. 
Keys Ksl-Ks4 are symmetac keys generated by server 30, cellular phone 100 or 102, 
memory card 1 10 or 1 12 whenever content data is distributed, reproduced and 
transferred. 

Herein, symmetric keys Ksl-Ks4 are unique symmetric keys generated for each "session" 
corresponding to a unit of communication or a unit... a signal that can be provided to 
connector 1120. 

Cellular phone 100 further includes a detachably attachable memory card 1 10 storing and 
decrypting content data (music data) received from distribution server 30, a memory 
interface 1200 controlling data communication between provided memory card 110 and 
data bus BS2, and an authentication data hold unit 1500 to a headphone 130. 

Note that for the purpose of simplifying the description, Fig. 6 only shows a cellular 
phone at a block relating to distribution and reproduction of music data in accordance 
with the present invention. The cellular phone of course has a block relating to 
conversation, which is only partially described herein. 

Furthermore, the cellular phone can be used more conveniently if in cellular phone 100 
the entirety of the block relating to distribution and reproduction of content data, as 
shown in Fig. 6, surrounded by a dotted line excluding a block relating to a conversation- 
processing, is provided in the form of. holding public encryption key KPm(l) 

decryptable with Km(l). 

By thus providing an encryption key of a recording device corresponding to a memory 
card, distributed content data, an encrypted license key and the like can be managed for 
each memory card. 

Memory card 1 10 further includes a data bus BS3 communicating... flow chart. 

Initially the Figs. 8 and 9 flow chart will be referred to to describe a distribution 
operation, (hereinafter also referred to as a distribution session) provided in purchasing 
content in the data distribution system of the first embodiment. 

In Figs. 8 and 9 is described an operation when cellular phone user 1 uses memory card 
1 10 to receive via cellular phone 100 content data corresponding to music data 
distributed from distribution server 30. 



With reference to Fig. 8, cellular phone user 1 of cellular phone 100 for example presses 

a key button on key unit 1 108 Cp(l))KPma for authentication of a content 

reproduction circuit, a content ID and license purchasing condition data AC to 
distribution server 30 (step SI 04). 

Distribution server 30 receives the content ID, authentication data 
(KPmc(l)//Cmc(l))KPma, authentication data (KPp(l)//Cp(l))KPma and license 
purchasing condition AC from cellular phone 100, in. ..hold unit 1440 (step S150). 

When the process up to step S150 normally completes in a memory circuit, cellular 
phone 100 sends a request to distribution server 30 to distribute content data (step 
S152). 

Distribution server 30 receives the content data distribution request, obtains encrypted 
content data (Data)Kc and additional information Data-inf from information database 
340 and outputs these data on data bus BS1 and via communication device 350 (step 
S154). 

Cellular phone 100 and Kmc( 1) successfully encrypted and transmitted together with 

class certificates Cp(l) and Cmc(l), respectively, are also confirmed valid, and only then 
can content data be distributed in response only to a distribution request from 
equipment without class certificates Cp(l) or Cmc(l) found in the class revocation list, 
i.e. ..moves on to a subsequent step S322, and it obtains a corresponding content ID and 
license ID from license information hold unit 1440, and furthermore updates access 
control information AC1 in license information hold unit 1440 and records that any 
subsequent reproduction and transfer are revoked (step S324). Responsively, in 
reproduction and transfer sessions the access control... server 30 and simply receiving a 
distribution of reproduction information allows encrypted content data to be again 
reproduced to allow the user to enjoy the music. The distribution process simply with 
reproduction information, although not shown in the Figs. 8 and 9 flow chart, is a process 

excluding steps S152, S154, S156 and permission list corresponding to version data 

CRL(underscore)ver and differential data CRL(underscore)dat in operating the class 
revocation list that are output from distribution server 30 when content data is 
distributed or in response to a request from a user. 

In this case, any class corresponding to a reproduction circuit or memory card with a 
key... data distribution system of the present embodiment includes a license server 1 1 in 
place of license server 10 of distribution server 30 of the data distribution system of the 
first embodiment. Furthermore in the present embodiment the data distribution system 
includes a cellular phone having a configuration of cellular phone 101, rather than that 

of Fig. 15 a description will be made of a difference from the Figs. 8 and 9 flow chart 

of the distribution operation in the data distribution system of the first embodiment. 

With reference to Fig. 15, the process up to step S 132 is identical to that in the Fig. 8 
flow chart. As has been be described. 



With reference to Fig. 16, the data distribution system of the second embodiment is 
different in reproduction operation from the Fig. 10 data distribution system of the first 
embodiment in that steps S222-S226 are replaced by steps S222a-S226a. 

Steps S222a-S226a differ from steps S222-S226 in that license key Kc.of the third 
embodiment. In the present embodiment the data distribution system in a distribution 
session operates to effect step SI 00 (the generation of a content distribution request 
through the acquisition of license key Kc in distribution server 30 from a database) 
through step S142, as has been described with reference to... 

Claims: ...Al 

1. A data distribution system comprising: 
a plurality of terminals (100, 101); and 

a content provision device (10, 1 1) distributing encrypted content data ((Data)Kc) and 
a license key (Kc)to said plurality of terminals, said license key serving as a decryption 
key decrypting said encrypted content. ..interface unit (350) and said second interface unit 
(1 102) are connected together by a cellular phone network; and 

said distribution control unit (315) in said distribution operation uses said first class 
certification data (Cmc(m)) to authenticate said deciphering unit (110, 115). 

8. The data distribution system of claim 7, wherein each said terminal (100 of claim 

1, wherein said first storage unit (1415, 1440) is a semiconductor memory and said 
recording device is a memory card. 

15. A data distribution system comprising: 

a content provision device (10, 11) provided to distribute enciypted content data 
((Data)Kc) and a license key (Kc) serving as a decryption key decrypting said encrypted 
content data to obtain plaintext content data (Data); and 

a plurality of terminals (100, 101) receiving the distribution from said content provision 
device (10, 11), wherein: 

said content provision device includes 

a first interface unit (350) provided to externally communicate data, 

a first authentication unit (312 revocation list (CRL) listing said first class 

certification data subjected to revocation of distribution of said license key, 

a distribution control unit (315) suspending a distribution operation distributing first 

reproduction information at least including said license key, if said first authentication 



unit obtains said first class certification data listed on said class revocation list... an output 
of said first license data encryption unit with said second symmetric key decrypted by 
said session key decryption unit, for provision to said first interface unit for distribution; 

each said terminal includes 

a second interface unit (1 102) provided to externally communicating data, and 

a distributed-data deciphering unit (110, 1 15) receiving and recording encrypted in 

said content provision device (10, 1 1) with said second public encryption key (KPm(i)), 
further encrypted with said second symmetric key (Ks2), and distributed together with 
said first reproduction information, for decryption with said second symmetric key and 
said second private decryption key (Km(i)); and 

said first storage unit (1415, 1440) further holding said class revocation list (CRL), 

and 

a control unit (1420) operative in response to issuance of an instruction to effect a 
distribution operation to distribute said encrypted content data ((Data)Kc), to produce 
update information (CRL(underscore)ver) capable of specifying an update of said class 
revocation list held in said second storage... encrypted in said content provision device 
(10, 11) with said second public encryption key (KPm(i)), further encrypted with said 
second symmetric key (Ks2), and distributed together with said first reproduction 
information (AC2), for decryption with said second symmetric key and said second 
private decryption key (Km(i)); 

said first storage unit (1440), said deciphering enciypted in said content provision 

device (10, 11) with said second public encryption key (KPm(i)), further encrypted with 
said second symmetric key (Ks2), and distributed together with said first reproduction 
information (AC2), for decryption with said second symmetric key and said second 
private decryption key (Km(i)); 

said first storage unit (1440) further records... private decryption key held in said seventh 
key hold unit, and extracting said license key for output to said content reproduction unit. 

30. A data distribution system comprising: 

a content provision device (10, 11) distributing encrypted content data ((Data)Kc) and 
a license key (Kc) serving as a decryption key decrypting said encrypted content data to 
obtain plaintext content data (Data); and 

a plurality of terminals (100, 101) receiving the distribution from said content provision 
device (10, 11), wherein: 

said content provision device (10, 11) includes 



a first interface unit (350) externally communicating data, 

an authentication unit (312) receiving decryption with said authentication key, 

a class permission list hold unit holding a class permission list listing said class 
certification data subjected to permission of distribution of said encrypted content data, 
and 

a distribution control unit (315) effecting at least a distribution operation to distribute 
said license key, if said authentication unit obtains said class certification data listed 
in...m)) subjected to revocation of communication of said content data; 

a control unit (1420) operative in response to issuance of an instruction to effect a 
distribution operation to distribute said content data, to refer to information received 
externally via said interface unit (1202) and thus update content of said list in said second 
storage unit; and... 
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Specification: ...such as refunds, transmission failures, and purchase disputes. The 
ClearingHouse(s) 105 can be operated as an independent entity, providing a trusted 
custodian for rights management and metering. It provides billing and settlement as 
required. Examples of electronic ClearingHouse(s) include Secure-Bank.com and Secure 

Electronic Transaction (SET) from Visa End-User Device(s) 109 can be any player 

device that contains an End-User Player Application 195 (described later) compliant with 
the Secure Digital Content Electronic Distribution System 100 specifications. These 
devices may include PCS, set top boxes (IRDs), and Internet appliances. The End-User 

Player Application 195 could be implemented in or consumer electronics hardware. 

In addition to performing play, record, and library management functions, the End-User 
Player Application 195 performs SC processing to enable rights management in the 



End-User Device(s) 109. The End-User Device(s) 109 manages the download and storage 

of the SCs containing the Digital Content are used throughout this to mean through 

the use or running-on an End-User Device(s) 109. 6. Transmission Infrastructures 107 

The Secure Digital Content Electronic Distribution System 100 is independent of the 
transmission network connecting the Electronic Digital Content Store(s) 103 and End- 
User Device(s) 109. It supports both designed for a point-to-point distribution model 

can be adapted to support a broadcast distribution model as well. 

C. System Uses 

The Secure Digital Content Electronic Distribution System 100 enables the secure 
delivery of high-quality, electronic copies of Content 1 13 to End-User Device(s) 109, 
whether consumer or business, and to regulate and track usage of the Content 113. 

The Secure Digital Content Electronic Distribution System 100 could be deployed in a 
variety of consumer and business-to-business services using both new and existing 
distribution channels. Each particular service could use a different financial model that 
can be enforced through the rights management features of the Secure Digital Content 
Electronic Distribution System 100. Models such as wholesale or retail purchase, pay- 
per-listen usage, subscription services, copy/no-copy restrictions, or redistribution could 
be implemented through the rights management of the ClearingHouse(s) 105 and the 
End-User Player Application 195 copy protection features. 

The Secure Digital Content Electronic Distribution System 100 allows Electronic 
Digital Content Store(s) 103 and Intermediate Market Partners a great deal of flexibility 

in creating services that sell Content 113 and metered so that they can receive 

appropriate compensation for the licensing of Content 113. 

II. CRYPTOGRAPHY CONCEPTS AND THEIR APPLICATION TO THE SECURE 
DIGITAL CONTENT ELECTRONIC DISTRIBUTION SYSTEM 

License Control in the Secure Digital Content Electronic Distribution System 100 is 
based on the use of cryptography. This section introduces basic cryptography 
technologies of the present invention. The use of public key encryption, symmetric key 
encryption, digital signatures, digital watermarks and digital certificates is known. 

A. Symmetric Algorithms 

In the Secure Digital Content Electronic Distribution System 100 the Content 

Provider(s) 101 encrypts the content using symmetric algorithms. They are called 
symmetric algorithms because the same key is used to encrypt and decrypt data. The data 
sender and the message recipient must share the key. The shared key is referred to here as 
the symmetric key. The Secure Digital Content Electronic Distribution System 100 
architecture is independent of the specific symmetric algorithm selected for a particular 
implementation. 



Common symmetric algorithms are DES, RC2 and RC4. Both DES... using Microsoft's 
CryptoAPI, running on a 120-MHZ, Pentium-based computer with Windows NT 4.0. 

B. Public Key Algorithms 

In the Secure Digital Content Electronic Distribution System 100, symmetric keys and 
other small data pieces are encrypted using public keys. Public key algorithms use two 

keys. The two keys are mathematically 6 kilobits/second with a 512-bit modules and 

7.4 kilobits/second with a 1024-bit modules. 

C. Digital Signature 

In the Secure Digital Content Electronic Distribution System 100, the issuer of SC(s) 
protects the integrity of SC(s) by digitally signing it. In general, to create a digital 

signature of the recovered one. If the message has not being altered during 

distribution, the calculated digest and recovered digest must be equal. 

In the Secure Digital Content Electronic Distribution System 100, since SC(s) contain 
several data parts, a digest is calculated for each part and a summary digest is calculated 

for the concatenated recipient of the message uses the entity's name from the 

certificate to decide whether or not to accept the message. 

In the Secure Digital Content Electronic Distribution System 100, every SC(s), except 
those issued by the End-User Device(s) 109, includes the certificate of the creator of the 

SC(s many End-User(s) do not bother to acquire a certificate or have certificates 

issued by non bona-fide Certification Authorities. In the Secure Digital Content 
Electronic Distribution System 100, the ClearingHouse(s) 105 has the option of issuing 
certificates to the Electronic Digital Content Store(s) 103. This allows the End-User 
Device(s) 109 to independently verify that the Electronic Digital Content Store(s) 103 
have been authorised by the Secure Digital Content Electronic Distribution System 100. 

E. Guide To The SC(s) Graphical Representation 

This document uses a drawing to graphically represent SC(s) that shows encrypted parts, 
non... symmetric key in this case). Another encrypted object, in this example a 
Transaction ID encrypted object 205 is shown. And Usage Conditions 206 for content 
licensing management as described below. The SC(s) 200 comprises Usage Conditions 
206, Transaction ID encrypted object 205, an Application ID encrypted object 207, and 

encrypted symmetric created and decrypted in this process overview is a general 

SC(s). It does not represent any of the specific SC(s) types used for rights management 
in the Secure Digital Content Electronic Distribution System 100. The process consists 
of the steps described in FIG. 3 for encryption process. 

Process Flow for Encryption Process of FIG.3 



Process Flow for Decryption Process of FIG.4 



IE. SECURE DIGITAL CONTENT ELECTRONIC DISTRIBUTION SYSTEM 
FLOW 



The Secure Electronic Digital Content Distribution System 100, consists of several 
components that are used by the different participants of the system. These participants 

include the Content Provider(s) 101, Electronic via End-User Device(s) 109 and the 

ClearingHouse(s) 105. A high level system flow is used as an overview of the Secure 
Digital Content Electronic Distribution System 100. This flow outlined below tracks 
Content as it flows throughout the System 100. Additionally it outlines the steps used by 

the participants to of the Digital Content e.g. music, video and program and electronic 

distribution systems broadcast. 

The following process flow in illustrated in FIG. 1 . 

IV. RIGHTS MANAGEMENT ARCHITECTURE MODEL 

A. Architecture Layer Functions 

FIG. 5 is a block diagram of the Rights Management Architecture of the Secure Digital 
Content Electronic Distribution System 100. 

Architecturally, four layers represent the Secure Digital Content Electronic Distribution 
System 100: the License Control Layer 501, the Content Identification Layer 503, 
Content Usage Control Layer 505, and the Content Formatting Layer 507. The overall... 
...required that the output from one layer satisfies format and semantics acceptable to the 
adjacent layer. 

The License Control Layer 501 ensures that: 

*the Digital Content is protected during distribution against illegal interception and 
tampering; 

* the Content 113 originates from a rightful content owner and is distributed by a 

licensed distributor, e.g. Electronic Digital Content Store(s) 103; 

* the Digital Content purchaser has a properly licensed application; 

* the distributor is paid native representation in the content owner's facilities into a 

form that is consistent with the service features and distribution means of the Secure 
Digital Content Electronic Distribution System 100. The conversion processing may 
include compression encoding and its associated preprocessing, such as frequency 
equalisation and amplitude dynamic adjustment. For Content 113 which... 113 also needs 
to be processed to achieve a format appropriate for playback or transfer to a portable 
device. 

B. Function Partitioning and Flows 



The Rights Management Architectural Model is shown in FIG. 5 and this illustrates the 
mapping of the architectural layers to the operating components making up the Secure 
Digital Content Electronic Distribution System 100 and the key functions in each layer. 

1. Content Formatting Layer 507 

The general functions associated with the Content Formatting Layer 507 are 113 and 

its transmission time. Any compression algorithm appropriate for the type of Content 113 
and transmission medium can be used in the Secure Digital Content Electronic 
Distribution System 100. For music, MPEG 1/2/4, Dolby AC-2 and AC-3, Sony 
Adaptive Transform Coding (ATRAC), and low-bit rate algorithms are some of the 
typically... Transaction 541 and the License Authorisation 543 are complete and authentic, 
that the Electronic Digital Content Store(s) 103 has authorisation from the Secure Digital 
Content Electronic Distribution System 100 for the sale of electronic Content 113, and 
that the End-User(s) has a properly licensed application. Audit/Reporting 545 allows the 
generation of reports and the sharing of licensing transaction information with other 
authorised parties in the Secure Electronic Digital Content Distribution System 100 

License control is implemented through SC Processing 533. SC(s) are used to distribute 
encrypted Content 113 and information among the system operation components (more 
about the SC(s) detailed structure sections below). A SC is cryptographic carrier of 

information that from reputable Certificate Authorities that are used to authenticate 

those components. The End-User Device(s) 109 are not required to have digital 
certificates. 

C. Content Distribution and Licensing Control 

FIG. 6 is a block diagram illustrating an overview of the Content Distribution and 
Licensing Control as it applies to the License Control Layer of FIG. 5. The figure depicts 

the case in which the Electronic Digital Content each Content 113 object, the 

Metadata SC(s) 620 also carries the Store Usage Conditions 519 associated with the 
Content Usage Control Layer 505. 

The Content Provider(s) 101 distributes the Metadata SC(s) 620 to one or more 
Electronic Digital Content Store(s) 103 (step601) and the Content SC(s) 630 to one 
or... End-User Device(s) 109, the ClearingHouse(s) 105 verifies: 

1. that the Electronic Digital Content Store(s) 103 has authorisation from the Secure 
Digital Content Electronic Distribution System 100 (exists in the Database 160 of the 
ClearingHouse(s) 105); 

2. that the Order SC(s) 650 has not been altered; 

3. that... was used to encrypt the encrypted part. 

If the SC(s) does not contain any encrypted parts, then there is no Key Description part. 



B. Rights Management Language Syntax and Semantics 

The Rights Management Language consists of parameters that can be assigned values to 
define restrictions on the use of the Content 1 13 by an End-User(s) after... Key 623 bit 
string that was used to encrypt the part. 

VII. CLEARINGHOUSE(S) 105 

A. Overview 

The ClearingHouse(s) 105 is responsible for the rights management functions of the 
Secure Digital Content Electronic Distribution System 100. ClearingHouse(s) 105 
functions include enablement of Electronic Digital Content Store(s) 103, verification of 
rights to Content 113, integrity and authenticity validation of the buying transaction and 
related information, distribution of Content encryption keys or Symmetric Keys 623 to 
End-User Device(s) 109, tracking the distribution of those keys, and reporting of 
transaction summaries to Electronic Content Store(s) Embodiment 

An Electronic Digital Content Store(s) 103 that wants to participate as a seller of Content 
113 in the Secure Digital Content Electronic Distribution System 100 makes a request 
to one or more of the Digital Content Provider(s) 101 that provide Content 1 13 to the 
Secure Digital Content Electronic Distribution System 100. There is no definitive 
process for making the request so long as the two parties come to an agreement. After the 

digital content s) 105 is contacted, usually via E-mail, with a request that the 

Electronic Digital Content Store(s) 103 be added to the Secure Digital Content 
Electronic Distribution System 100. The digital content label provides the name of the 
Electronic Digital Content Store(s) 103 and any other information that may be required 

for the ClearingHouse(s) 105 End-User Device(s) 109 verifies that the Electronic 

Digital Content Store(s) 103 is a valid distributor of Content 1 13 on the Secure Digital 
Content Electronic Distribution System 100 by first checking the digital certificate 
revocation list and then using the Public Key 621 of the ClearingHouse(s) 105 to verify 

the information in the digital 660 it determines whether a new revocation list is 

included and if so, the local revocation list on the End-User Device(s) 109 is updated. 

B. Rights Management Processing 
Order SC(s) Analysis 

The ClearingHouse(s) 105 receives an Order SC(s) 650 from an End-User(s) after the 
End-User(s... Transaction and Offer SC(s) 641 digital signatures also indirectly verifies 
that the Electronic Digital Content Store(s) 103 is authorised by the Secure Digital 
Content Electronic Distribution System 100. This is based on the fact that the 
ClearingHouse(s) 105 is the issuer of the certificates. Alternately, the ClearingHouse(s) 
105 would.. .SC(s) 660 to the End-User Device(s) 109. The Electronic Digital Content 
Store(s) 103 is also expected to participate in managing the distribution of Content 113 
to various countries by performing the same checks as the ClearingHouse(s) 105. The 



ClearingHouse(s) 105 does whatever checking that it can in Content 113 purchase 

transactions and report request transactions. The information can be used for a variety of 
purposes such as audits of the Secure Digital Content Electronic Distribution System 
100, generation of reports, and data mining. 

The ClearingHouse(s) 105 also maintains account balances in Billing Subsystem 182 for 
the Electronic Digital Content. ..Store(s) 103 so that the Electronic Digital Content 
Store(s) 103 can charge the End-User(s)' credit card. 

G. Retransmissions 

The Secure Digital Content Electronic Distribution System 100 provides the ability to 
handle retransmissions of Content 1 13. This is typically performed by a Customer 

Service Interface 184. Electronic Digital Content Store the End-User(s) for the 

purchase of the Content 113. 

VIII. CONTENT PROVIDER 

A. Overview 

The Content Provider(s) 101 in the Secure Digital Content Electronic Distribution 
System 100 is the digital content label or the entity who owns the rights to the Content 
113. The role of the Content Provider(s) 101 is to prepare the Content 1 13 for 
distribution and make information about the Content 113 available to Electronic Digital 
Content Store(s) 103 or retailers of the downloadable electronic versions of the Content... 
...that the Content 113 is secure when it leaves the Content Provider(s)' 101 domain and 
never exposed or accessible by unauthorised parties. This allows Content 1 13 to be 
freely distributed throughout a non-secure network, such as the Internet, without fear of 
exposure to hackers or unauthorised parties. 

The end goal of the tools for... Content 113 and information and calls the SC(s) Packer to 
pack into SC(s). 

* Content Dispersement Tool (not shown) - Disperses SC(s) to designated distribution 
centres, such as Content Hosting Site(s) 111 and Electronic Digital Content Store(s) 103. 

* Content Promotions Web Site 156 - stores Metadata SC(s) 620 and optionally 
additional promotional... the song file remain available until after Content Quality Control 
Process 810. 

1 1 . Encryption Process 811 

The Encryption Process 811 calls the appropriate Secure Digital Content Electronic 
Distribution Rights Management function to encrypt each of the watermarked/encoded 
song files. This process has no dependencies other than completion of all other audio 
processing. Upon completion... of media, such as several audio CDS, can be queued up so 



as to enable the Automatic Metadata Acquisition Tool to create a series of Content 113 
for electronic distribution. For example, all the Content 113 could be created from a 
series of CDS or even selected tracks from one or more CDS examined by the Content 
Provider(s) 101... design and layout of this site or can choose to use a turnkey web server 
solution provided as part of the toolkit for Secure Digital Content Electronic 
Distribution System 100. To implement their own design for this service, the Content 
Provider(s) 101 need only provide links to the Metadata SC(s) 620 for Electronic Digital 
Content Store(s) 103 who access their site. This is accomplished using the toolkit for the 
Secure Digital Content Electronic Distribution System 100. The selection process and 
what information is shown is the discretion of the Content Provider(s) 101. 

Metadata SC(s) 620 received into titles, such as CDS, movies and games every year, 

adding to the tens of thousands of content titles that are currently available. The Secure 
Digital Content Electronic Distribution System 100 is designed to support all of the 
content titles available in stores today. 

The numbers of content titles that the Secure Digital Content Electronic Distribution 

System 100 may eventually download to customers on a daily basis is in the thousands or 
tens of thousands. For a large number of titles, this requires a large amount of bandwidth. 
The computer disk space and bandwidth needs call for a distributed, scalable 
implementation with multiple Content Hosting Site(s) 111. The system also supports 
customers all over the world. This requires overseas sites to speed delivery to the global 
customers. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 is 
designed to allow the Content Provider(s) 101 to either host their own Content 1 13 or 
share a common facility or a set of facilities. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 
consists of multiple Content Hosting Site(s) 111 that collectively contain all of the 
Content 113 offered by the Secure Digital Content Electronic Distribution System 100 
and several Secondary Content Sites (not shown) that contain the current hot hits 
offered by the Content Provider(s) 101. The number of Content Hosting Site(s) 111 
changes times. 

Should the Content Provider(s) 101 choose to host all of their Content 1 13 in their own 
system, they can act as a single Content Hosting Site 111 with or without additional 
Secondary Content Sites. This allows them to build their own scalable distributed 
system. In another embodiment, Electronic Digital Content Store(s) 103 can also act as 
Content Hosting Site(s) 1 1 1 for certain Content 1 13. This embodiment... or the download 
request may be redirected to another Content Hosting Site(s) 111. 

2. Content Hosting Site(s) 111 provided by the Secure Digital Content Electronic 
Distribution System 100 



For the Secure Digital Content Electronic Distribution System 100 the decision of 
which site should be used to download the Content 1 13 is made by the primary content 
site that received the to make this decision: 

* Are there secondary content sites that host the Content 1 13 requested? (The majority of 
Content 113 offered by the Secure Digital Content Electronic Distribution System 100 
is only located at primary sites); 

* Where is the End-User Device(s) 109 geographically located? (This information can be 
obtained from the is allowed to download the Content 113. 

Secondary Content Sites 

The Secondary Content Sites (not shown) host the popular Content 1 13 of the Secure 
Digital Content Distribution System 100. These sites are geographically dispersed 
across the world and are located near Network Access Points (NAPs) to improve 
download times. These sites are for Multiple Electronic Digital Content Store(s) 103 

Electronic Digital Content Store(s) 103 are essentially the retailers. They are the entities 
who market the Content 1 13 to be distributed to the customer. For distribution of 
Content 113, this would include Digital Content Retailing Web Sites, Digital Content 
Retail Stores, or any business who wishes to get involved in marketing electronic 

Content Store(s) 103 is accomplished via a set of tools developed for the Electronic 

Digital Content Store(s) 103 as part of the Secure Digital Content Electronic 
Distribution System 100. 

These tools are used by the Electronic Digital Content Store(s) 103 to: 

* acquire the Metadata SC(s) 620 packaged by the Content.. .the main variant between the 
broadcast based service offering and the point-to-point interactive web service type 
offering. 

B. Point- to-Point Electronic Digital Content Distribution Service 

Point-to-Point primarily means a one-to-one interactive service between the Electronic 

Digital Content Store(s) 103 and the End-User Device is a block diagram illustrating 

the major tools, components and processes of an Electronic Digital Content Store(s) 103. 

1 . Integration Requirements 

The Secure Digital Content Electronic Distribution System 100 not only creates new 
online businesses but provides a method for existing businesses to integrate the sale of 

downloadable electronic Content 1 13 to batch driven and can be largely automated 

and is executed only to integrate new Content 113 into the site. 



The tools for the Secure Digital Content Electronic Distribution have been designed to 
allow integration of sale of electronic downloadable Content 113 into typical 

implementations of web based Electronic Digital Content Store(s) 103 establishes 

customer loyalty with its customers and continues to offer its own incentives and market 
its products as it does today. In the Secure Digital Content Electronic Distribution 
System 100, it would simply need to indicate which products in its inventory are also 

available for electronic download and allow its customers to select all electronic 

downloads. It simply passes the required information and all processing from that point 
on is handled by the toolset for the Secure Digital Content Electronic Distribution 
System 100. In another embodiment, other methods of transaction handling are also 
possible using tools for the Secure Digital Content Electronic Distribution System 100 
to handle the financial settlement should the Electronic Digital Content Store(s) 103 wish 
to sell downloadable merchandise only or to segregate the... to retain a cross reference of 
the Content 113 being offered to this Product ID to properly interface with the tools for 
the Secure Digital Content Electronic Distribution System 100. Providing this 
information here, allows the Electronic Digital Content Store(s) 103 to integrate this 
product or Content 113 into its inventory and. ..only used by the Electronic Digital 
Content Store(s) 103 as input to his web service database is removed from the Metadata 
SC(s) 620. Rights management information provided by the Content Provider(s) 101, 
such as watermarking instructions, encrypted Symmetric Keys 623, and Usage 
Conditions 517 defining the permitted uses of... new Content 1 13 has been placed in the 
Content Promotions Web Site 156. 

None of these notifications are a required step in the Secure Digital Content Electronic 
Distribution System flows 100 but are provided as options to allow the Electronic 

Digital Content Store(s) 103 the opportunity to close its records on the is an optional 

process which is available to help the Electronic Digital Content Store(s) 103 feel 
comfortable with the accounting for the Secure Digital Content Electronic Distribution 
System 100. 

In another embodiment, this tool can be updated to provide electronic funds transfers for 

automated periodic payments to the Content Provider(s) 101 payments upon reception 

of an electronic bill from the ClearingHouse(s) 105 after reconciling the bill against the 
Transaction Log 178. 

C. Broadcast Electronic Digital Content Distribution Service 

Broadcast primarily refers to a one to many transmission method where there is no 
personal interaction between the End-User Device(s) 109 and.. .Content 1 13 as well as 
prepare SC(s) is also used by a satellite based Electronic Digital Content Store(s) 103 to 
manage and prepare Content 1 13 for distribution on a broadcast infrastructure. The 
SC(s) distributed over a Web service are the same as those distributed over a broadcast 
service. 



1. Multi-Tier Digital TV Embodiment 



Turning now to FIG. 18, shown is a high level logical diagram of an alternate 
embodiment of electronic distribution of digital content using broadcast infrastructure, 
according to the present invention. In this embodiment, the Content Provider(s) 101, as 

previously described above in FIG. 6, provide Metadata through a back channel such 

as a telephone line. 

FIG. 19 is a detailed block diagram of FIG. 18, illustrating an alternate embodiment of 
electronic distribution of digital content using broadcast infrastructure , according to the 
present invention. The Broadcast Centre(s) 1802 receive the Offer SC(s) 641. The 
Carousel Builder & Broadcaster 1902 creates. ..the receiver. 

2. Web broadcasting Over Separate Channels Embodiment 

FIG. 27 is a detailed block diagram of FIG. 18, illustrating an alternate embodiment of 
electronic distribution of digital content using separate channels in a web broadcasting 
service, according to the present invention. This exemplary architecture overview in FIG. 
27 is used to illustrate a. ..or play the Content 1 13 desired. 

And as previously described for the "online" or "connected" version of the current 
delivery system, the necessary steps of updating usage conditions and rights associated 
with the Content can be monitored through the Clearing House(s) 105. 

X. END-USER DEVICE(S) 109 

The applications in the End-User Device(s) 109 for the Secure Digital Content 
Electronic Distribution System 100 perform two main functions: first the SC(s) 
processing and copy control; and second playback of encrypted Content 113. Whether the 

End-User to the downloadable objects, the End-User(s) may have a combination of 

physical and electronic downloadable merchandise in his shopping cart. The Secure 
Digital Content Electronic Distribution End-User Device(s) 109 are not involved until 
after the End-User(s) checks out and submits his final purchase authorisation to the 
Electronic... of times. Until such time as the copy control standards are more stable, 
alternative methods of copy control have been provided in the Secure Digital Content 
Electronic Distribution System 100 so that it does not rely on the copy control 
watermark in order to provide rights management in the consumer device. Storage and p 
lay/record usage conditions security is implemented utilising encrypted DC Library 
Collections 196 that are tied to the... algorithm. Thus use of widely accepted and proven 
industry standard algorithms can be used thus further enhancing Digital Content Industry 
acceptance of the Secure Digital Content Electronic Distribution System 100. 

The second purpose of this Decryption and Re-Encryption 194 process is to remove the 

requirement that the original master encryption Key 623 to encrypt the Content 1 13 is 

used for any associated metadata needing to be encrypted. 



D. The Player Application 195 



1. Overview 



The Secure Digital Content Electronic Distribution Player Application 195 (referred to 
here as the Player Application 195) is analogous to both a CD, DVD or other Digital 
Content player and to. ..as handle requests for information about the stored songs. 

6. Inter- application Communication Components 1508 

These components are used for coordination between the Secure Digital Content 
Electronic Distribution Player and other applications (e.g., Browser, helper-app and/or 
plug-in, etc) that may invoke the Player Application 195, or that the Player.. .by the Player 
Application 195. A typical audio enthusiast has a library of CDS holding songs. All of 
these are available within the Secure Digital Content Electronic Distribution System 
100. The set of songs that have been purchased from Electronic Digital Content Store(s) 
103 are stored within a Digital Content Library 196... 
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Specification: ...The invention disclosed broadly relates to the field of electronic 
commerce and more particularly to a system and related tools for the secure delivery and 
rights management of digital assets, such as print media, films, games, and music over 
global communications networks such as the Internet and the World Wide Web. 

Description However, in the case of electronic distribution, the tangible medium is no 

longer needed. The cost of the tangible medium is not a factor because content is 
distributed electronically. A second barrier, is the format of the content itself i.e. is the 

content stored in an analog format versus a digital format of copies can be as clear 

and crisp as the original. The aggregate effect of perfect digital copies combined with the 
very low cost to distribute content electronically and to distribute content widely over 
the Internet makes it relatively easy to pirate and distribute unauthorized copies. With a 
couple of keystrokes, a pirate can send hundreds or even of thousands of perfect copies of 



digital content over the Internet. Therefore a need exists to ensure the protection and 
security of digital assets distributed electronically. 

Providers of digital content desire to establish a secure, global distribution system for 
digital content that protects the rights of content owners. The problems with establishing 
a digital content distribution system includes developing systems for digital content 
electronic distribution, rights management, and asset protection. Digital content that is 
distributed electronically includes content such as print media, films, games, programs, 
television, multimedia, and music. 

The deployment of an electronic distribution system provides the digital content 
providers the ability to achieve fast settlement of payment through immediate sales 
reporting and electronic reconciliation as well as gain secondary sources of revenue 
through redistribution of content. Since the electronic digital content distribution system 
is not affected by physical inventory outages or returns, the digital content providers and 

retailers may realize reduced costs and improved margins. Digital content immediate 

feedback on electronic marketing programs and promotions. In order to meet these goals, 
a need exists for digital content providers to use an electronic distribution model to 
make digital content available to a wide range of users and businesses while ensuring 
protection and metering of digital assets. 

Other commercially available electronic distribution systems for digital content, such as 
real audio, A2B from AT&T, Liquid Audio Pro from Liquid Audio Pro Corp., City 
Music Network from Audio Soft and others offer transmission of digital data over 
secured and unsecured electronic networks. The use of secured electronic networks 
greatly reduces the requirement of digital content providers of distributing digital to a 
wide audience. The use of unsecured networks such as the Internet and Web allows the 

digital content to arrive to an end user's machine, the digital content is readily 

available to the end-user for unauthorized re-distribution. Therefore a need exists for a 
secure digital content electronic distribution system that provides protection of digital 
assets and ensures that the Content Provider(s)' rights are protected even after the digital 
content is delivered to consumers and businesses. A need thus exists for rights 
management to allow for secure delivery, licensing authorization, and control of the 
usage of digital assets. 

Another reason owners of digital content have been slow to embrace electronic 
distribution is their desire to maintain and foster existing channels of distribution. Most 
content owners sell through retailers. In the music market these U.S. retailers include 
Tower Records, Peaches, Blockbuster, Circuit City and others. Many of these retailers... 
...of electronic content such as pictures, games, music, programs and videos a way to 
differentiate themselves from each other and the content owners when selling music 
through electronic distribution. 

Content owners prepare their digital content for electronic distribution through 
distribution sites such as electronic stores. Electronic stores on the Internet, or through 



other online services, want to differentiate themselves from each other by their product... 
...provide a solution to these requirements. 

Still, another reason owners of digital content have been slow to embrace electronic 
distribution is the difficulty in preparing content for electronic distribution. Today, 
many providers of content have thousands or even tens of thousands of titles in their 

portfolio. In a music example, it is not unusual for a content owner to for musical 

sound tracks to movies and other collections or compilations. As more content is offered 
digitally, the need to re-mix and encode the content for electronic distribution grows. 
Many times providers need to use old recording formats as guides to select the correct 

master sound recordings and have these sound recordings reprocessed exists to 

provide content providers a method to automatically retrieve associated data and master 
recordings for content such as audio. 

Content owners prepare their digital content for electronic distribution through a 
process known as encoding. Encoding involves taking the content, digitizing it, if the 

content is presented in an analog format, and compressing it progress of the encoding 

process. Accordingly, a need exists to overcome these problems. 

Still another reason digital content providers have been slow to adopt electronic 
distribution for their content is lack of standards for creating digital players on end-user 
devices for electronically delivered content. Content providers, electronic stores, or 

others in the electronic library of digital content without allowing the end user to have 

access to the content for uses other than what was purchased. 

Still another problem content owners face with the distribution of digital content is 
where the purchase transaction contains multiple copies of an identical piece of content. 

For example, suppose a customer purchases a song or movie with system for tracking 

usage of content data. One embodiment of the present invention provides a system for 
tracking usage of digital content on user devices. Content sites for distributing digital 
content over a computer readable medium to users. The content sites associate unique 
content identifier with the content associated. Electronic stores coupled to a network 
sell... of example only, with reference to the accompanying drawings in which: 

FIG. 1 is a block diagram illustrating an over view of a Secure Digital Content 
Electronic Distribution System; 

FIG. 2 is a block diagram illustrating an example Secure Container (SC) and the 
associated graphical representations; 

FIG. 3 is a block diagram illustrating overview of the de-encryption process for a 

Secure Container (SC); 

FIG. 5 is a block diagram illustrating an overview of the layers for the Rights 
Management Architecture of the Secure Digital Content Distribution System of FIG. 1; 



FIG. 6 is a block diagram illustrating an overview of the Content Distribution and 

Licensing Control as it applies to the License Control Layer of FIG. 5; 

FIG. 7 is an illustration of an example user interface for locating different sections in 

this embodiment. 

The invention as claimed is particularly described in X.D.8 with reference to figure 18. 
I. SECURE DIGITAL CONTENT ELECTRONIC DISTRIBUTION SYSTEM 
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1. Overview 
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7. Other Miscellaneous Components 
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I. SECURE DIGITAL CONTENT ELECTRONIC DISTRIBUTION SYSTEM 
A. System Overview 

The Secure Digital Content Electronic Distribution System is a technical platform that 
encompasses the technology, specifications, tools, and software needed for the secure 
delivery and rights management of Digital Content and digital content-related content to 
an end-user, client device. The End-User Device(s) include PCS, set top boxes (IRDs... 
...refers to information and data stored in a digital format including: pictures, movies, 
videos, music, programs, multimedia and games. 

The technical platform specifies how Digital Content is prepared, securely distributed 
through point-to-point and broadcast infrastructures (such as cable, Internet, satellite, and 
wireless) licensed to End-User Device(s), and protected against unauthorized copying... 
...of various technologies such as watermarking, compression/encoding, encryption, and 
other security algorithms as they evolve over time. 

The base components of the Secure Digital Content Electronic Distribution System are: 

(1) rights management for the protection of ownership rights of the content proprietor; 

(2) transaction metering for immediate and accurate compensation; and (3) an open and 
well-documented architecture that enables Content Provider(s) to prepare content and 
permit its secure delivery over multiple network infrastructures for playback on any 
standard compliant player. 



1. Rights Management 



Rights management in the Secure Digital Content Electronic Distribution System is 
implemented through a set of functions distributed among the operating components of 
the system. Its primary functions include: licensing authorization and control so... 
...license, such as permitted number of copies, number of plays, and the time interval or 
term the license may be valid. A secondary function of rights management is to enable a 
means to identify the origin of unauthorized copies of content to combat piracy. 

Licensing authorization and control are implemented through the by enabling 

intermediate or End-User(s) to unlock content after verification of a successful 
completion of a licensing transaction. Secure Containers are used to distribute encrypted 
content and information among the system components. A SC is a cryptographic carrier 
of information or content that uses encryption, digital signatures, and digital certificates 

to modification of electronic information and content. It also allows for the 

verification of the authenticity and integrity of the Digital Content. The advantage of 
these rights management functions is that the electronic Digital Content distribution 
infrastructure does not have to be secure or trusted. Therefore allowing transmission over 

network infrastructures such as the Web and Internet. This is due to content resides or 

where it comes from. This information may be used to combat illegal use of the Content. 

2. Metering 

As part of its rights management functions, the Clearinghouse(s) keeps a record of all 
transactions where a key exchange is cleared through the Clearinghouse(s). This record 

allows for the retailers, and others, on an immediate or periodic basis to facilitate 

electronic reconciliation of transaction payments and other uses. 

3. Open Architecture 

The Secure Digital Content Electronic Distribution System (System) is an open 
architecture with published specifications and interfaces to facilitate broad 

implementation and acceptance of the System in the market place while to evolve 

over time as various technologies, transmission infrastructures, and devices are delivered 
to the marketplace. 

The architecture is open regarding the nature of the Content and its format. Distribution 
of audio, programs, multimedia, video, or other types of Content is supported by the 
architecture. The Content could be in a native format , such as linear PCM for digital... 
...evolve. This flexibility allows Content Provider(s) to pick and evolve the technologies 
they use for data compression, encryption, and formatting within the Secure Digital 
Content Electronic Distribution System. 

The architecture is also open to different distribution networks and distribution models. 
The architecture supports content distribution over low- speed Internet connections or 
high-speed satellite and cable networks and can be used with point-to-point or broadcast 
models. In addition compliant player devices. 



B. System Functional Elements 

Turning now to FIG. 1, there is shown a block diagram illustrating an overview of a 
Secure Digital Content Electronic Distribution System 100 according to the present 
invention. The Secure Digital Content Electronic Distribution System 100 encompasses 
several business elements that comprise an end-to-end solution, including: Content 

Provider(s) 101 or the proprietors of the Digital Content Content Hosting Site 111, 

Transmission Infrastructures 107, and End-User Device(s) 109. Each of these business 
elements use various components of the Secure Digital Content Electronic Distribution 
System 100. A high level description of these business elements and system components, 
as they pertain specifically to electronic Content 1 13 distribution, follows. 

1. Content Provider(s) 101 

Content Provider(s) 101 or content proprietor(s) are owners of original Content 113 
and/or distributors authorized to package independent Content 1 13 for further 
distribution. Content Provider(s) 101 may exploit their rights directly or license Content 
113 to the Electronic Digital Content Store(s) 103, or Intermediate Market Partners (not... 
...101 include Sony, Time- Warner, MTV, IBM, Microsoft, Turner, Fox and others. 

Content Provider(s) 101 use tools provided as part of the Secure Digital Content 
Electronic Distribution System 100 in order to prepare their Content 113 and related 
data for distribution. A Work Flow Manager Tool 154 schedules Content 1 13 to be... 
...are packed in SCs (described below) by the SC Packer Tool and stored in a content 
hosting site and/or promotional web site for electronic distribution. The content hosting 
site can reside at the Content Provider(s) 101 or in multiple locations, including 

Electronic Digital Content Store(s) 103 and Intermediate Market Partners are Web 

sites that provide electronic downloads of software. 

Within their services, Electronic Digital Content Store(s) 103 implement certain 
functions of the Secure Digital Content Electronic Distribution System 100. Electronic 
Digital Content Store(s) 103 aggregate information from the Content Provider(s) 101, 
pack content and metadata in additional SCs, and deliver those SCs to consumers or 
businesses as part of a service or application. Electronic Digital Content Store(s) 103 use 
tools provided by the Secure Digital Content Electronic Distribution System 100 to 
assist with: metadata extraction, secondary usage conditions, SC packaging, and tracking 
of electronic content transactions. The secondary usage conditions data can include retail 

business offers such as Content 113 purchase Electronic Digital Content Store(s) may 

elect to host the SCs containing the Digital Content at its local site and/or utilize the 
hosting and distribution facilities of another Content hosting site. 

The Electronic Digital Content Store(s) can provide customer service for any questions or 
problems that an End-User(s) may have using the Secure Digital Content Electronic 
Distribution System 100, or the Electronic Digital Content Store(s) 103 may contract 
their customer service support to the Clearinghouse(s) 105. 



3. Intermediate Market Partners (not shown) 



In an alternate embodiment, the Secure Digital Content Electronic Distribution System 
100 can be used to provide Content 1 13 securely to other businesses called Intermediate 
Market Partners. These partners may include digital content-related companies offering a 
non-electronic service, such as televisions stations or video clubs, radio stations or record 
clubs, that distribute Content 1 13. These Partners may also include other trusted parties 
who handle material as part of making or marketing sound recordings, such as record 

studios, replicators transactions such as refunds, transmission failures, and purchase 

disputes. The Clearinghouse(s) 105 can be operated as an independent entity, providing a 
trusted custodian for rights management and metering. It provides billing and settlement 
as required. Examples of electronic Clearinghouse(s) include Secure-Bank.com and 

Secure Electronic Transaction (SET) from Visa End-User Device(s) 109 can be any 

player device that contains an End-User Player Application 195 (described later) 
compliant with the Secure Digital Content Electronic Distribution System 100 
specifications. These devices may include PCS, set top boxes (IRDs), and Internet 

appliances. The End-User Player Application 195 could be implemented in or 

consumer electronics hardware. In addition to performing play, record, and library 
management functions, the End-User Player Application 195 performs SC processing to 
enable rights management in the End-User Device(s) 109. The End-User Device(s) 109 

manages the download and storage of the SCs containing the Digital Content are used 

throughout this to mean through the use or running-on an End-User Device(s) 109. 

6. Transmission Infrastructures 107 

The Secure Digital Content Electronic Distribution System 100 is independent of the 
transmission network connecting the Electronic Digital Content Store(s) 103 and End- 
User Device(s) 109. It supports both designed for a point-to-point distribution model 

can be adapted to support a broadcast distribution model as well. 

C. System Uses 

The Secure Digital Content Electronic Distribution System 100 enables the secure 
delivery of high-quality, electronic copies of Content 1 13 to End-User Device(s) 109, 
whether consumer or business, and to regulate and track usage of the Content 113. 

The Secure Digital Content Electronic Distribution System 100 could be deployed in a 
variety of consumer and business-to-business services using both new and existing 
distribution channels. Each particular service could use a different financial model that 
can be enforced through the rights management features of the Secure Digital Content 
Electronic Distribution System 100. Models such as wholesale or retail purchase, pay- 
per-listen usage, subscription services, copy/no-copy restrictions, or redistribution could 
be implemented through the rights management of the Clearinghouse(s) 105 and the 
End-User Player Application 195 copy protection features. 



The Secure Digital Content Electronic Distribution System 100 allows Electronic 
Digital Content Store(s) 103 and Intermediate Market Partners a great deal of flexibility 

in creating services that sell Content 113 and metered so that they can receive 

appropriate compensation for the licensing of Content 113. 

II. CRYPTOGRAPHY CONCEPTS AND THEIR APPLICATION TO THE SECURE 
DIGITAL CONTENT ELECTRONIC DISTRIBUTION SYSTEM 

License Control in the Secure Digital Content Electronic Distribution System 100 is 
based on the use of cryptography. This section introduces basic cryptography 
technologies of the present invention. The use of public key encryption, symmetric key 
encryption, digital signatures, digital watermarks and digital certificates is known. 

A. Symmetric Algorithms 

In the Secure Digital Content Electronic Distribution System 100 the Content 

Provider(s) 101 encrypts the content using symmetric algorithms. They are called 
symmetric algorithms because the same key is used to encrypt and decrypt data. The data 
sender and the message recipient must share the key. The shared key is referred to here as 
the symmetric key. The Secure Digital Content Electronic Distribution System 100 
architecture is independent of the specific symmetric algorithm selected for a particular 
implementation. 

Common symmetric algorithms are DES, RC2 and RC4. Both DES using Microsoft's 

CryptoAPI, running on a 120-MHZ, Pentium-based computer with Windows NT 4.0. 

B. Public Key Algorithms 

In the Secure Digital Content Electronic Distribution System 100, symmetric keys and 
other small data pieces are encrypted using public keys. Public key algorithms use two 
keys. The two keys are mathematically. ..6 kilobits/second with a 512-bit modulus and 7.4 
kilobits/second with a 1024-bit modulus. 

C. Digital Signature 

In the Secure Digital Content Electronic Distribution System 100, the issuer of SC(s) 
protects the integrity of SC(s) by digitally signing it. In general, to create a digital 

signature of the recovered one. If the message has not being altered during 

distribution, the calculated digest and recovered digest must be equal. 

In the Secure Digital Content Electronic Distribution System 100, since SC(s) contain 
several data parts, a digest is calculated for each part and a summary digest is calculated 

for the concatenated recipient of the message uses the entity's name from the 

certificate to decide whether or not to accept the message. 



In the Secure Digital Content Electronic Distribution System 100, every SC(s), except 
those issued by the End-User Device(s) 109, includes the certificate of the creator of the 

SC(s many End- User(s) do not bother to acquire a certificate or have certificates 

issued by non bona-fide Certification Authorities. In the Secure Digital Content 
Electronic Distribution System 100, the Clearinghouse(s) 105 has the option of issuing 
certificates to the Electronic Digital Content Store(s) 103. This allows the End-User 
Device(s) 109 to independently verify that the Electronic Digital Content Store(s) 103 
have been authorized by the Secure Digital Content Electronic Distribution System 100. 

E. Guide To The SC(s) Graphical Representation 

This document uses a drawing to graphically represent SC(s) that shows encrypted parts, 

non symmetric key in this case). Another encrypted object, in this example a 

Transaction ID encrypted object 205 is shown. And Usage Conditions 206 for content 
licensing management as described below. The SC(s) 200 comprises Usage Conditions 
206, Transaction ID encrypted object 205, an Application ID encrypted object 207, and 

encrypted symmetric created and decrypted in this process overview is a general 

SC(s). It does not represent any of the specific SC(s) types used for rights management 
in the Secure Digital Content Electronic Distribution System 100. The process consists 
of the steps described in FIG. 3 for encryption process. 

Process Flow for Encryption Process of FIG. 3 

Process Flow for Decryption Process of FIG. 4 

IE. SECURE DIGITAL CONTENT ELECTRONIC DISTRIBUTION SYSTEM 
FLOW 

The Secure Electronic Digital Content Distribution System 100, consists of several 
components that are used by the different participants of the system. These participants 

include the Content Provider(s) 101, Electronic via End-User Device(s) 109 and the 

Clearinghouse(s) 105. A high level system flow is used as an overview of the Secure 
Digital Content Electronic Distribution System 100. This flow outlined below tracks 
Content as it flows throughout the System 100. Additionally it outlines the steps used by 

the participants to of the Digital Content e.g. music, video and program and electronic 

distribution systems broadcast. 

The following process flow in illustrated in FIG. 1. 

IV. RIGHTS MANAGEMENT ARCHITECTURE MODEL 

A. Architecture Layer Functions 

FIG. 5 is a block diagram of the Rights Management Architecture of the Secure Digital 
Content Electronic Distribution System 100. Architecturally, four layers represent the 
Secure Digital Content Electronic Distribution System 100: the License Control Layer 



501, the Content Identification Layer 503, Content Usage Control Layer 505, and the 

Content Formatting Layer 507. The overall required that the output from one layer 

satisfies format and semantics acceptable to the adjacent layer. 

The License Control Layer 501 ensures that: 

. the Digital Content is protected during distribution against illegal interception and 
tampering; 

. the Content 113 originates from a rightful content owner and is distributed by a 

licensed distributor, e.g. Electronic Digital Content Store(s) 103; 

. the Digital Content purchaser has a properly licensed application; 

. the distributor is paid native representation in the content owner's facilities into a 

form that is consistent with the service features and distribution means of the Secure 
Digital Content Electronic Distribution System 100. The conversion processing may 
include compression encoding and its associated preprocessing, such as frequency 

equalization and amplitude dynamic adjustment. For Content 113 which 113 also 

needs to be processed to achieve a format appropriate for playback or transfer to a 
portable device. 

B. Function Partitioning and Flows 

The Rights Management Architectural Model is shown in FIG. 5 and this illustrates the 
mapping of the architectural layers to the operating components making up the Secure 
Digital Content Electronic Distribution System 100 and the key functions in each layer. 

1. Content Formatting Layer 507 

The general functions associated with the Content Formatting Layer 507 are 113 and 

its transmission time. Any compression algorithm appropriate for the type of Content 113 
and transmission medium can be used in the Secure Digital Content Electronic 
Distribution System 100. For music, MPEG 1/2/4, Dolby AC-2 and AC-3, Sony 
Adaptive Transform Coding (ATRAC), and low-bit rate algorithms are some of the 

typically Transaction 541 and the License Authorization 543 are complete and 

authentic, that the Electronic Digital Content Store(s) 103 has authorization from the 
Secure Digital Content Electronic Distribution System 100 for the sale of electronic 
Content 1 13, and that the End-User(s) has a properly licensed application. 
Audit/Reporting 545 allows the generation of reports and the sharing of licensing 
transaction information with other authorized parties in the Secure Electronic Digital 
Content Distribution System 100 

License control is implemented through SC Processing 533. SC(s) are used to distribute 
encrypted Content 113 and information among the system operation components (more 
about the SC(s) detailed structure sections below). A SC is cryptographic carrier of 



information that from reputable Certificate Authorities that are used to authenticate 

those components. The End-User Device(s) 109 are not required to have digital 
certificates. 

C. Content Distribution and Licensing Control 

FIG. 6 is a block diagram illustrating an overview of the Content Distribution and 
Licensing Control as it applies to the License Control Layer of FIG. 5. The figure depicts 

the case in which the Electronic Digital Content each Content 113 object, the 

Metadata SC(s) 620 also carries the Store Usage Conditions 519 associated with the 
Content Usage Control Layer 505. 

The Content Provider(s) 101 distributes the Metadata SC(s) 620 to one or more 
Electronic Digital Content Store(s) 103 (step 601) and the Content SC(s) 630 to one... 
...End-User Device(s) 109, the Clearinghouse(s) 105 verifies: 

1. that the Electronic Digital Content Store(s) 103 has authorization from the Secure 
Digital Content Electronic Distribution System 100 (exists in the Database 160 of the 
Clearinghouse(s) 105); 

2. that the Order SC(s) 650 has not been altered; 

3. that was used to encrypt the encrypted part. 

If the SC(s) does not contain any encrypted parts, then there is no Key Description part. 
B. Rights Management Language Syntax and Semantics 

The Rights Management Language consists of parameters that can be assigned values to 
define restrictions on the use of the Content 1 13 by an End-User(s) after.. .Key 623 bit 
string that was used to encrypt the part. 

VII. CLE ARINGHOUS E(S ) 105 

A. Overview 

The Clearinghouse(s) 105 is responsible for the rights management functions of the 
Secure Digital Content Electronic Distribution System 100. Clearinghouse(s) 105 
functions include enablement of Electronic Digital Content Store(s) 103, verification of 
rights to Content 113, integrity and authenticity validation of the buying transaction and 
related information, distribution of Content encryption keys or Symmetric Keys 623 to 
End-User Device(s) 109, tracking the distribution of those keys, and reporting of 
transaction summaries to Electronic Content Store(s) Embodiment 

An Electronic Digital Content Store(s) 103 that wants to participate as a seller of Content 
113 in the Secure Digital Content Electronic Distribution System 100 makes a request 



to one or more of the Digital Content Provider(s) 101 that provide Content 1 13 to the 
Secure Digital Content Electronic Distribution System 100. There is no definitive 
process for making the request so long as the two parties come to an agreement. After the 

digital content s) 105 is contacted, usually via E-mail, with a request that the 

Electronic Digital Content Store(s) 103 be added to the Secure Digital Content 
Electronic Distribution System 100. The digital content label provides the name of the 
Electronic Digital Content Store(s) 103 and any other information that may be... End-User 
Device(s) 109 verifies that the Electronic Digital Content Store(s) 103 is a valid 
distributor of Content 113 on the Secure Digital Content Electronic Distribution System 
100 by first checking the digital certificate revocation list and then using the Public Key 

621 of the Clearinghouse(s) 105 to verify the information in the digital 660 it 

determines whether a new revocation list is included and if so, the local revocation list on 
the End-User Device(s) 109 is updated. 

B. Rights Management Processing 

Order SC(s) Analysis 

The Clearinghouse(s) 105 receives an Order SC(s) 650 from an End-User(s) after the 

End-User(s Transaction and Offer SC(s) 641 digital signatures also indirectly verifies 

that the Electronic Digital Content Store(s) 103 is authorized by the Secure Digital 
Content Electronic Distribution System 100. This is based on the fact that the 
Clearinghouse(s) 105 is the issuer of the certificates. Alternately, the Clearinghouse(s) 

105 would SC(s) 660 to the End-User Device(s) 109. The Electronic Digital Content 

Store(s) 103 is also expected to participate in managing the distribution of Content 113 
to various countries by performing the same checks as the Clearinghouse(s) 105. The 

Clearinghouse(s) 105 does whatever checking that it can in Content 1 13 purchase 

transactions and report request transactions. The information can be used for a variety of 
purposes such as audits of the Secure Digital Content Electronic Distribution System 
100, generation of reports, and data mining. 

The Clearinghouse(s) 105 also maintains account balances in Billing Subsystem 182 for 

the Electronic Digital Content Store(s) 103 so that the Electronic Digital Content 

Store(s) 103 can charge the End-User(s)' credit card. 

G. Retransmissions 

The Secure Digital Content Electronic Distribution System 100 provides the ability to 
handle retransmissions of Content 1 13. This is typically performed by a Customer 

Service Interface 184. Electronic Digital Content Store the End-User(s) for the 

purchase of the Content 113. 

VIII. CONTENT PROVIDER 



A. Overview 



The Content Provider(s) 101 in the Secure Digital Content Electronic Distribution 
System 100 is the digital content label or the entity who owns the rights to the Content 
113. The role of the Content Provider(s) 101 is to prepare the Content 1 13 for 
distribution and make information about the Content 113 available to Electronic Digital 
Content Store(s) 103 or retailers of the downloadable electronic versions of the Content... 
...that the Content 1 13 is secure when it leaves the Content Provider(s) 101 domain and 
never exposed or accessible by unauthorized parties. This allows Content 1 13 to be 
freely distributed throughout a non-secure network, such as the Internet, without fear of 
exposure to hackers or unauthorized parties. 

The end goal of the tools for Content 1 13 and information and calls the SC(s) Packer 

to pack into SC(s). 

( Content Dispersement Tool (not shown) - Disperses SC(s) to designated distribution 
centers, such as Content Hosting Site(s) 111 and Electronic Digital Content Store(s) 103. 

( Content Promotions Web Site 156 - stores Metadata SC(s) 620 and optionally additional 
promotional. .the song file remain available until after Content Quality Control Process 
810. 

1 1 . Encryption Process 8 1 1 

The Encryption Process 811 calls the appropriate Secure Digital Content Electronic 
Distribution Rights Management function to encrypt each of the watermarked/encoded 
song files. This process has no dependencies other than completion of all other audio 
processing. Upon completion.. .of media, such as several audio CDS, can be queued up so 
as to enable the Automatic Metadata Acquisition Tool to create a series of Content 113 
for electronic distribution. For example, all the Content 113 could be created from a 
series of CDS or even selected tracks from one or more CDS examined by the Content 

Provider(s) 101 design and layout of this site or can choose to use a turnkey web 

server solution provided as part of the toolkit for Secure Digital Content Electronic 
Distribution System 100. To implement then own design for this service, the Content 
Provider(s) 101 need only provide links to the Metadata SC(s) 620 for Electronic Digital 
Content Store(s) 103 who access their site. This is accomplished using the toolkit for the 
Secure Digital Content Electronic Distribution System 100. The selection process and 
what information is shown is the discretion of the Content Provider(s) 101. 

Metadata SC(s) 620 received into titles, such as CDS, movies and games every year, 

adding to the tens of thousands of content titles that are currently available. The Secure 
Digital Content Electronic Distribution System 100 is designed to support all of the 
content titles available in stores today. 

The numbers of content titles that the Secure Digital Content Electronic Distribution 

System 100 may eventually download to customers on a daily basis is in the thousands or 
tens of thousands. For a large number of titles, this requires a large amount of bandwidth. 
The computer disk space and bandwidth needs call for a distributed, scalable 



implementation with multiple Content Hosting Site(s) 111. The system also supports 
customers all over the world. This requires overseas sites to speed delivery to the global 
customers. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 is 
designed to allow the Content Provider(s) 101 to either host their own Content 1 13 or 
share a common facility or a set of facilities. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 
consists of multiple Content Hosting Site(s) 111 that collectively contain all of the 
Content 113 offered by the Secure Digital Content Electronic Distribution System 100 
and several Secondary Content Sites (not shown) that contain the current hot hits 
offered by the Content Provider(s) 101. The number of Content Hosting Site(s) 111 
changes times. 

Should the Content Provider(s) 101 choose to host all of their Content 1 13 in their own 
system, they can act as a single Content Hosting Site 111 with or without additional 
Secondary Content Sites. This allows them to build their own scalable distributed 
system. In another embodiment, Electronic Digital Content Store(s) 103 can also act as 

Content Hosting Site(s) 1 1 1 for certain Content 1 13. This embodiment or the 

download request may be redirected to another Content Hosting Site(s) 111. 

2. Content Hosting Site(s) 1 1 1 provided by the Secure Digital Content Electronic 
Distribution System 100 

For the Secure Digital Content Electronic Distribution System 100 the decision of 
which site should be used to download the Content 1 13 is made by the primary content 
site that received the to make this decision: 

( Are there secondary content sites that host the Content 113 requested? (The majority of 
Content 113 offered by the Secure Digital Content Electronic Distribution System 100 
is only located at primary sites); 

( Where is the End-User Device(s) 109 geographically located? (This information can be 
obtained from the is allowed to download the Content 1 13. 

Secondary Content Sites 

The Secondary Content Sites (not shown) host the popular Content 1 13 of the Secure 
Digital Content Distribution System 100. These sites are geographically dispersed 
across the world and are located near Network Access Points (NAPS) to improve 
download times. These sites are for Multiple Electronic Digital Content Store(s) 103 

Electronic Digital Content Store(s) 103 are essentially the retailers. They are the entities 
who market the Content 1 13 to be distributed to the customer. For distribution of 
Content 1 13, this would include Digital Content Retailing Web Sites, Digital Content 



Retail Stores, or any business who wishes to get involved in marketing electronic 

Content Store(s) 103 is accomplished via a set of tools developed for the Electronic 

Digital Content Store(s) 103 as part of the Secure Digital Content Electronic 
Distribution System 100. 

These tools are used by the Electronic Digital Content Store(s) 103 to: 

( acquire the Metadata SC(s) 620 packaged by the Content the main variant between 

the broadcast based service offering and the point-to-point interactive web service type 
offering. 

B. Point- to-Point Electronic Digital Content Distribution Service 

Point-to-Point primarily means a one-to-one interactive service between the Electronic 

Digital Content Store(s) 103 and the End-User Device is a block diagram illustrating 

the major tools, components and processes of an Electronic Digital Content Store(s) 103. 

1. Integration Requirements 

The Secure Digital Content Electronic Distribution System 100 not only creates new 
online businesses but provides a method for existing businesses to integrate the sale of 

downloadable electronic Content 1 13 to batch driven and can be largely automated 

and is executed only to integrate new Content 1 13 into the site. 

The tools for the Secure Digital Content Electronic Distribution have been designed to 
allow integration of sale of electronic downloadable Content 113 into typical 

implementations of web based Electronic Digital Content Store(s) 103 establishes 

customer loyalty with its customers and continues to offer its own incentives and market 
its products as it does today. In the Secure Digital Content Electronic Distribution 
System 100, it would simply need to indicate which products in its inventory are also 

available for electronic download and allow its customers to select all electronic 

downloads. It simply passes the required information and all processing from that point 
on is handled by the toolset for the Secure Digital Content Electronic Distribution 
System 100. In another embodiment, other methods of transaction handling are also 
possible using tools for the Secure Digital Content Electronic Distribution System 100 
to handle the financial settlement should the Electronic Digital Content Store(s) 103 wish 
to sell downloadable merchandise only or to segregate the... to retain a cross reference of 
the Content 113 being offered to this Product ID to properly interface with the tools for 
the Secure Digital Content Electronic Distribution System 100. Providing this 
information here, allows the Electronic Digital Content Store(s) 103 to integrate this 

product or Content 113 into its inventory and only used by the Electronic Digital 

Content Store(s) 103 as input to his web service database is removed from the Metadata 
SC(s) 620. Rights management information provided by the Content Provider(s) 101, 
such as watermarking instructions, encrypted Symmetric Keys 623, and Usage 

Conditions 517 defining the permitted uses of new Content 113 has been placed in the 

Content Promotions Web Site 156. 



None of these notifications are a required step in the Secure Digital Content Electronic 
Distribution System flows 100 but are provided as options to allow the Electronic 

Digital Content Store(s) 103 the opportunity to close its records on the is an optional 

process which is available to help the Electronic Digital Content Store(s) 103 feel 
comfortable with the accounting for the Secure Digital Content Electronic Distribution 
System 100. 

In another embodiment, this tool can be updated to provide electronic funds transfers for 

automated periodic payments to the Content Provider(s) 101 payments upon reception 

of an electronic bill from the Clearinghouse(s) 105 after reconciling the bill against the 
Transaction Log 178. 

C. Broadcast Electronic Digital Content Distribution Service 

Broadcast primarily refers to a one to many transmission method where there is no 

personal interaction between the End-User Device(s) 109 and Content 113 as well as 

prepare SC(s) is also used by a satellite based Electronic Digital Content Store(s) 103 to 
manage and prepare Content 1 13 for distribution on a broadcast infrastructure. The 
SC(s) distributed over a Web service are the same as those distributed over a broadcast 
service. 

X. END-USER DEVICE(S) 109 

The applications in the End-User Device(s) 109 for the Secure Digital Content 
Electronic Distribution System 100 perform two main functions: first the SC(s) 
processing and copy control; and second playback of encrypted Content 113. Whether the 

End-User to the downloadable objects, the End-User(s) may have a combination of 

physical and electronic downloadable merchandise in his shopping cart. The Secure 
Digital Content Electronic Distribution End-User Device(s) 109 are not involved until 
after the End-User(s) checks out and submits his final purchase authorization to the 
Electronic... of times. Until such time as the copy control standards are more stable, 
alternative methods of copy control have been provided in the Secure Digital Content 
Electronic Distribution System 100 so that it does not rely on the copy control 
watermark in order to provide rights management in the consumer device. Storage and p 
lay/record usage conditions security is implemented utilizing encrypted DC Library 

Collections 196 that are tied to the algorithm. Thus use of widely accepted and 

proven industry standard algorithms can be used thus further enhancing Digital Content 
Industry acceptance of the Secure Digital Content Electronic Distribution System 100. 

The second purpose of this Decryption and Re-Encryption 194 process is to remove the 

requirement that the original master encryption Key 623 to encrypt the Content 1 13 is 

used for any associated metadata needing to be encrypted. 

D. The Player Application 195 
1. Overview 



The Secure Digital Content Electronic Distribution Player Application 195 (referred to 
here as the Player Application 195) is analogous to both a CD, DVD or other Digital 
Content player and to as handle requests for information about the stored songs. 

6. Inter- application Communication Components 1508 

These components are used for coordination between the Secure Digital Content 
Electronic Distribution Player and other applications (e.g., Browser, helper-app and/or 

plug-in, etc) that may invoke the Player Application 195, or that the Player by the 

Player Application 195. A typical audio enthusiast has a library of CDS holding songs. 
All of these are available within the Secure Digital Content Electronic Distribution 
System 100. The set of songs that have been purchased from Electronic Digital Content 
Store(s) 103 are stored within a Digital Content Library 196... 

Specification: ...to have digital certificates. C. Content Distribution and Licensing 
Control 

FIG. 6 is a block diagram illustrating an overview of the Content Distribution and 
Licensing Control as it applies to the License Control Layer of FIG. 5. The figure depicts 

the case in which each Content 1 13 object, the Metadata SC(s) 620 also carries the 

Store Usage Conditions 519 associated with the Content Usage Control Layer 505. 

The Content Provider(s) 101 distributes the Metadata SC(s) 620 to one or more 
Electronic Digital Content Store(s) 103 (step 601) and the Content SC(s) 630 to one... 
...User Device(s) 109, the Clearinghouse(s) 105 verifies: 

1.1. that the Electronic Digital Content Store(s) 103 has authorization from the Secure 
Digital Content Electronic Distribution System 100 (exists in the Database 160 of the 
Clearinghouse(s) 105); 

2. 2. that the Order SC(s) 650 has not been altered; 

3 was used to encrypt the encrypted part. 

If the SC(s) does not contain any encrypted parts, then there is no Key Description part. 
B. Rights Management Language Syntax and Semantics 

The Rights Management Language consists of parameters that can be assigned values to 
define restrictions on the use of the Content 113 by an End-User(s) after.. .Key 623 bit 
string that was used to encrypt the part. 

VII. CLEARINGHOUSE(S) 105 

A. Overview 



The Clearinghouse(s) 105 is responsible for the rights management functions of the 
Secure Digital Content Electronic Distribution System 100. Clearinghouse(s) 105 
functions include enablement of Electronic Digital Content Store(s) 103, verification of 
rights to Content 113, integrity and authenticity validation of the buying transaction and 
related information, distribution of Content encryption keys or Symmetric Keys 623 to 
End-User Device(s) 109, tracking the distribution of those keys, and reporting of 
transaction summaries to Electronic Content Store(s) Embodiment 

An Electronic Digital Content Store(s) 103 that wants to participate as a seller of Content 
113 in the Secure Digital Content Electronic Distribution System 100 makes a request 
to one or more of the Digital Content Provider(s) 101 that provide Content 1 13 to the 
Secure Digital Content Electronic Distribution System 100. There is no definitive 
process for making the request so long as the two parties come to an agreement. After the 

digital content s) 105 is contacted, usually via E-mail, with a request that the 

Electronic Digital Content Store(s) 103 be added to the Secure Digital Content 
Electronic Distribution System 100. The digital content label provides the name of the 
Electronic Digital Content Store(s) 103 and any other information that may be required 
for the Clearinghouse(s) 105... End-User Device(s) 109 verifies that the Electronic Digital 
Content Store(s) 103 is a valid distributor of Content 1 13 on the Secure Digital Content 
Electronic Distribution System 1 00 by first checking the digital certificate revocation 
list and then using the Public Key 621 of the Clearinghouse(s) 105 to verify the 

information in the digital 660 it determines whether a new revocation list is included 

and if so, the local revocation list on the End-User Device(s) 109 is updated. 

B. Rights Management Processing 

Order SC(s) Analysis 

The Clearinghouse(s) 105 receives an Order SC(s) 650 from an End-User(s) after the 

End-User(s Transaction and Offer SC(s) 641 digital signatures also indirectly verifies 

that the Electronic Digital Content Store(s) 103 is authorized by the Secure Digital 
Content Electronic Distribution System 100. This is based on the fact that the 
Clearinghouse(s) 105 is the issuer of the certificates. Alternately, the Clearinghouse(s) 

105 would SC(s) 660 to the End-User Device(s) 109. The Electronic Digital Content 

Store(s) 103 is also expected to participate in managing the distribution of Content 113 
to various countries by performing thesame checks as the Clearinghouse(s) 105. The 

Clearinghouse(s) 105 does whatever checking that it can in case Content 113 

purchase transactions and report request transactions. The information can be used for a 
variety of purposes such as audits of the Secure Digital Content Electronic Distribution 
System 100, generation of reports, and data mining. 

The Clearinghouse(s) 105 also maintains account balances in Billing Subsystem 182 for 

the Electronic Digital Content Store(s) 103 so that the Electronic Digital Content 

Store(s) 103 can charge the End-User(s)' credit card. 

G. Retransmissions 



The Secure Digital Content Electronic Distribution System 100 provides the ability to 
handle retransmissions of Content 113. This is typically performed by a Customer 

Service Interface 184. Electronic Digital Content Store the End-User(s) for the 

purchase of the Content 113. 

VIII. CONTENT PROVIDER 

A. Overview 

The Content Provider(s) 101 in the Secure Digital Content Electronic Distribution 
System 100 is the digital content label or the entity who owns the rights to the Content 
113. The role of the Content Provider(s) 101 is to prepare the Content 1 13 for 
distribution and make information about the Content 113 available to Electronic Digital 
Content Store(s) 103 or retailers of the downloadable electronic versions of the Content... 
...that the Content 113 is secure when it leaves the Content Provider(s)' 101 domain and 
never exposed or accessible by unauthorized parties. This allows Content 1 13 to be 
freely distributed throughout a non-secure network, such as the Internet, without fear of 
exposure to hackers or unauthorized parties. 

The end goal of the tools for Content 1 1 3 and information and calls the SC(s) Packer 

to pack into SC(s). 

. Content Dispersement Tool (not shown) - Disperses SC(s) to designated distribution 
centers, such as Content Hosting Site(s) 111 and Electronic Digital Content Store(s) 103. 

. Content Promotions Web Site 156 - stores Metadata SC(s) 620 and optionally additional 
promotional... the song file remain available until after Content Quality Control Process 
810. 

1 1 . Encryption Process 8 1 1 

The Encryption Process 811 calls the appropriate Secure Digital Content Electronic 
Distribution Rights Management function to encrypt each of the watermarked/encoded 
song files. This process has no dependencies other than completion of all other audio 
processing. Upon completion... of media, such as several audio CDS, can be queued up so 
as to enable the Automatic Metadata Acquisition Tool to create a series of Content 113 
for electronic distribution. For example, all the Content 113 could be created from a 
series of CDS or even selected tracks from one or more CDS examined by the Content 

Provider(s) 101 design and layout of this site or can choose to use a turnkey web 

server solution provided as part of the toolkit for Secure Digital Content Electronic 
Distribution System 100. To implement their own design for this service, the Content 
Provider(s) 101 need only provide links to the Metadata SC(s) 620 for Electronic Digital 
Content Store(s) 103 who access their site. This is accomplished using the toolkit for the 
Secure Digital Content Electronic Distribution System 100. The selection process and 
what information is shown is the discretion of the Content Provider(s) 101. 



Metadata SC(s) 620 received into titles, such as CDS, movies and games every year, 

adding to the tens of thousands of content titles that are currently available. The Secure 
Digital Content Electronic Distribution System 100 is designed to support all of the 
content titles available in stores today. 

The numbers of content titles that the Secure Digital Content Electronic Distribution 

System 100 may eventually download to customers on a daily basis is in the thousands or 
tens of thousands. For a large number of titles, this requires a large amount of bandwidth. 
The computer disk space and bandwidth needs call(underscore)for a distributed, scalable 
implementation with multiple Content Hosting Site(s) 111. The system also supports 
customers all over the world. This requires overseas sites to speed delivery to the global 
customers. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 is 
designed to allow the Content Provider(s) 101 to either host their own Content 1 13 or 
share a common facility or a set of facilities. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 
consists of multiple Content Hosting Site(s) 1 1 1 that collectively contain all of the 
Content 113 offered by the Secure Digital Content Electronic Distribution System 100 
and several Secondary Content Sites (not shown) that contain the current hot hits 
offered by the Content Provider(s) 101. The number of Content Hosting Site(s) 111 
changes times. 

Should the Content Provider(s) 101 choose to host all of their Content 1 13 in their own 
system, they can act as a single Content Hosting Site 111 with or without additional 
Secondary Content Sites. This allows them to build their own scalable distributed 

system. In another embodiment, Electronic Digital Content Store(s) 103 can also act as 

Content Hosting Site(s) 111 for certain Content 113. This embodiment or the 

download request may be redirected to another Content Hosting Site(s) 111. 

2. Content Hosting Site(s) 111 provided by the Secure Digital Content Electronic 
Distribution System 100 

For the Secure Digital Content Electronic Distribution System 100 the decision of 
which site should be used to download the Content 1 13 is made by the primary content 
site that received the to make this decision: 

. Are there secondary content sites that host the Content 1 13 requested? (The majority of 
Content 113 offered by the Secure Digital Content Electronic Distribution System 100 
is only located at primary sites); 

. Where is the End-User Device(s) 109 geographically located? (This information can be 
obtained from the is allowed to download the Content 1 13. 



Secondary Content Sites 



The Secondary Content Sites (not shown) host the popular Content 1 13 of the Secure 
Digital Content Distribution System 100. These sites are geographically dispersed 
across the world and are located near Network Access Points (NAPS) to improve 
download times. These sites are for Multiple Electronic Digital Content Store(s) 103 

Electronic Digital Content Store(s) 103 are essentially the retailers. They are the entities 
who market the Content 1 13 to be distributed to the customer. For distribution of 
Content 113, this would include Digital Content Retailing Web Sites, Digital Content 
Retail Stores, or any business who wishes to get involved in marketing electronic 

Content Store(s) 103 is accomplished via a set of tools developed for the Electronic 

Digital Content Store(s) 103 as part of the Secure Digital Content Electronic 
Distribution System 100. 

These tools are used by the Electronic Digital Content Store(s) 103 to: 

. acquire the Metadata SC(s) 620 packaged by the Content the main variant between 

the broadcast based service offering and the point-to-point interactive web service type 
offering. 

B. Point- to-Point Electronic Digital Content Distribution Service 

Point-to-Point primarily means a one-to-one interactive service between the Electronic 

Digital Content Store(s) 103 and the End-User Device is a block diagram illustrating 

the major tools, components and processes of an Electronic Digital Content Store(s) 103. 

1 . Integration Requirements 

The Secure Digital Content Electronic Distribution System 100 not only creates new 
online businesses but provides a method for existing businesses to integrate the sale of 

downloadable electronic Content 1 13 to batch driven and can be largely automated 

and is executed only to integrate new Content 113 into the site. 

The tools for the Secure Digital Content Electronic Distribution have been designed to 
allow integration of sale of electronic downloadable Content 113 into typical 

implementations of web based Electronic Digital Content Store(s) 103 establishes 

customer loyalty with its customers and continues to offer its own incentives and market 
its products as it does today. In the Secure Digital Content Electronic Distribution 
System 100, it would simply need to indicate which products in its inventory are also 
available for electronic download and allow its customers to select... all electronic 
downloads. It simply passes the required information and all processing from that point 
on is handled by the toolset for the Secure Digital Content Electronic Distribution 
System 100. In another embodiment, other methods of transaction handling are also 
possible using tools for the Secure Digital Content Electronic Distribution System 100 
to handle the financial settlement should the Electronic Digital Content Store(s) 103 wish 

to sell downloadable merchandise only or to segregate the to retain a cross reference 

of the Content 113 being offered to this Product ID to properly interface with the tools for 



the Secure Digital Content Electronic Distribution System 100. Providing this 
information here, allows the Electronic Digital Content Store(s) 103 to integrate this 

product or Content 113 into its inventoiy and only used by the Electronic Digital 

Content Store(s) 103 as input to his web service database is removed from the Metadata 
SC(s) 620. Rights management information provided by the Content Provider(s) 101, 
such as watermarking instructions, encrypted Symmetric Keys 623, and Usage 

Conditions 517 defining the permitted uses of new Content 113 has been placed in the 

Content Promotions Web Site 156. 

None of these notifications are a required step in the Secure Digital Content Electronic 
Distribution System flows 100 but are provided as options to allow the Electronic 

Digital Content Store(s) 103 the opportunity to close its records on the is an optional 

process which is available to help the Electronic Digital Content Store(s) 103 feel 
comfortable with the accounting for the Secure Digital Content Electronic Distribution 
System 100. 

In another embodiment, this tool can be updated to provide electronic funds transfers for 

automated periodic payments to the Content Provider(s) 101 payments upon reception 

of an electronic bill from the Clearinghouse(s) 105 after reconciling the bill against the 
Transaction Log 178. 

C. Broadcast Electronic Digital Content Distribution Service 

Broadcast primarily refers to a one to many transmission method where there is no 

personal interaction between the End-User Device(s) 109 and Content 113 as well as 

prepare SC(s) is also used by a satellite based Electronic Digital Content Store(s) 103 to 
manage and prepare Content 1 13 for distribution on a broadcast infrastructure. The 
SC(s) distributed over a Web service are the same as those distributed over a broadcast 
service. 

X. END-USER DEVICE(S) 109 

The applications in the End-User Device(s) 109 for the Secure Digital Content 
Electronic Distribution System 100 perform two main functions: first the SC(s) 
processing and copy control; and second playback of enciypted Content 113. Whether the 

End-User to the downloadable objects, the End-User(s) may have a combination of 

physical and electronic downloadable merchandise in his shopping cart. The Secure 
Digital Content Electronic Distribution End-User Device(s) 109 are not involved until 
after the End-User(s) checks out and submits his final purchase authorization to the 
Electronic... of times. Until such time as the copy control standards are more stable, 
alternative methods of copy control have been provided in the Secure Digital Content 
Electronic Distribution System 100 so that it does not rely on the copy control 
watermark in order to provide rights management in the consumer device. Storage and p 
lay/record usage conditions security is implemented utilizing encrypted DC Library 
Collections 196 that are tied to the algorithm. Thus use of widely accepted and 



proven industry standard algorithms can be used thus further enhancing Digital Content 
Industry acceptance of the Secure Digital Content Electronic Distribution System 100. 

The second purpose of this Decryption and Re- Encryption 194 process is to remove the 

requirement that the original master encryption Key 623 to encrypt the Content 1 13 is 

used for any associated metadata needing to be encrypted. 

D. The Player Application 195 

1. Overview 

The Secure Digital Content Electronic Distribution Player Application 195 (referred to 
here as the Player Application 195) is analogous to both a CD, DVD or other Digital 
Content player and to as handle requests for information about the stored songs. 

6. Inter- application Communication Components 1508 

These components are used for coordination between the Secure Digital Content 
Electronic Distribution Player and other applications (e.g., Browser, helper-app and/or 

plug-in, etc) that may invoke the Player Application 195, or that the Player by the 

Player Application 195. A typical audio enthusiast has a library of CDS holding songs. 
All of these are available within the Secure Digital Content Electronic Distribution 
System 100. The set of songs that have been purchased from Electronic Digital Content 
Store(s) 103 are stored within a Digital Content Library 196... 

Claims: ...resistant environment to prevent unauthorized access thereto. 

7. A system for tracking usage of digital content on user devices, said system comprising: 

a plurality of content sites for distributing digital content over computer readable 
medium to users, wherein the content contains a unique content identifier associated 
therewith; 

a plurality of electronic stores for granting licenses to... 
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Specification: ...The invention disclosed broadly relates to the field of electronic 
commerce and more particularly to a system and related tools for the secure delivery and 
rights management of digital assets, such as print media, films, games, and music over 
computer readable medium such as CDS and DVDs and over global communications 

networks However, in the case of electronic distribution, the tangible medium is no 

longer needed. The cost of the tangible medium is not a factor because content is 
distributed electronically. A second barrier, is the format of the content itself i.e. is the 
content stored in an analog format versus a digital format... of copies can be as clear and 
crisp as the original. The aggregate effect of perfect digital copies combined with the 
very low cost to distribute content electronically and to distribute content widely over 
the Internet makes it relatively easy to pirate and distribute unauthorised copies. With a 
couple of keystrokes, a pirate can send hundreds or even of thousands of perfect copies of 
digital content over the Internet. Therefore a need exists to ensure the protection and 
security of digital assets distributed electronically. 

Providers of digital content desire to establish a secure, global distribution system for 
digital content that protects the rights of content owners. The problems with establishing 
a digital content distribution system includes developing systems for digital content 
electronic distribution, rights management, and asset protection. Digital content that is 
distributed electronically includes content such as print media, films, games, programs, 
television, multimedia, and music. 

The deployment of an electronic distribution system provides the digital content 
providers the ability to achieve fast settlement of payment through immediate sales 
reporting and electronic reconciliation as well as gain secondary sources of revenue 
through redistribution of content. Since the electronic digital content distribution system 
is not affected by physical inventory outages or returns, the digital content providers and 

retailers may realise reduced costs and improved margins. Digital content immediate 

feedback on electronic marketing programs and promotions. In order to meet these goals, 
a need exists for digital content providers to use an electronic distribution model to 
make digital content available to a wide range of users and businesses while ensuring 
protection and metering of digital assets. 

Other commercially available electronic distribution systems for digital content, such as 
real audio, A2B from AT&T, Liquid Audio Pro from Liquid Audio Pro Corp., City 
Music Network from Audio Soft and others offer transmission of digital data over 
secured and unsecured electronic networks. The use of secured electronic networks 
greatly reduces the requirement of digital content providers of distributing digital to a 
wide audience. The use of unsecured networks such as the Internet and Web allows the 



digital content to arrive to an end user's machine, the digital content is readily 

available to the end-user for unauthorised re-distribution. Therefore a need exists for a 
secure digital content electronic distribution system that provides protection of digital 
assets and ensures that the Content Provider(s)' rights are protected even after the digital 
content is delivered to consumers and businesses. A need thus exists for rights 
management to allow for secure delivery, licensing authorisation, and control of the 
usage of digital assets. 

Another reason owners of digital content have been slow to embrace electronic 
distribution is their desire to maintain and foster existing channels of distribution. Most 
content owners sell through retailers. In the music market these U.S. retailers include 
Tower Records, Peaches, Blockbuster, Circuit City and others. Many of these retailers... 
...of electronic content such as pictures, games, music, programs and videos a way to 
differentiate themselves from each other and the content owners when selling music 
through electronic distribution. 

Content owners prepare their digital content for electronic distribution through 
distribution sites such as electronic stores. Electronic stores on the Internet, or through 
other online services, want to differentiate themselves from each other by their product... 
...provide a solution to these requirements. 

Still, another reason owners of digital content have been slow to embrace electronic 
distribution is the difficulty in preparing content for electronic distribution. Today, 
many providers of content have thousands or even tens of thousands of titles in their 

portfolio. In a music example, it is not unusual for a content owner to for musical 

sound tracks to movies and other collections or compilations. As more content is offered 
digitally, the need to re-mix and encode the content for electronic distribution grows. 
Many times providers need to use old recording formats as guides to select the correct 

master sound recordings and have these sound recordings reprocessed exists to 

provide content providers a method to automatically retrieve associated data and master 
recordings for content such as audio. 

Content owners prepare their digital content for electronic distribution through a 
process known as encoding. Encoding involves taking the content, digitising it, it the 

content is presented in an analog format, and compressing it progress of the encoding 

process. Accordingly, a need exists to overcome these problems. 

Still another reason digital content providers have been slow to adopt electronic 
distribution for their content is lack of standards for creating digital players on end-user 
devices for electronically delivered content. Content providers, electronic stores, or 

others in the electronic content without allowing the end user to have access to the 

content for uses other than what was purchased. 

Still, another problem is with digital content electronic distribution systems is the length 
of time it takes to download content over standard telephone and cable lines. It is not 
uncommon for music that is secured mariner which has many of the advantages of 



electronic distribution without the need for large bandwidth telecommunications 
connections, The providing of a solution for distribution of digital content both over 
telecommunications line and on computer readable may result in two disparate systems 
being deployed. A need exists for a system that provides the distribution of digital 
content either via a telecommunications line or via computer readable medium without 
having to duplicate the tools and components for: (1) rights management for the 
protection of ownership rights of the content proprietor; (2) transaction metering for 
immediate and accurate compensation; and (3) an open architecture. 

Further information on the background of protecting digital of example only, with 

reference to the accompanying drawings in which: 

FIG. 1 is a block diagram illustrating an over view of a Secure Digital Content 
Electronic Distribution System; 

FIG. 2 is a block diagram illustrating an example Secure Container (SC) and the 
associated graphical representations; 

FIG. 3 is a block diagram illustrating overview of the de-encryption process for a 

Secure Container (SC); 

FIG. 5 is a block diagram illustrating an overview of the layers for the Rights 
Management Architecture of the Secure Digital Content Distribution System of FIG. 1; 

FIG. 6 is a block diagram illustrating an overview of the Content Distribution and 
Licensing Control as it applies to the License Control Layer of FIG. 5; 

FIG. 7 is an illustration of an example user interface for additional information for the 

Automatic Metadata Acquisition Tool of FIG. 8; 

FIG. 18 is a block diagram of an alternative embodiment of FIG. 10 to distribute 
content on a computer readable storage medium according to the present invention; and 

FIG. 19 is a flow diagram of the alternative embodiment of FIG. 18 sections in this 

embodiment. 

The invention as claimed is particularly described in X.A.2 with reference to figures 18 
and 19. 
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I. SECURE DIGITAL CONTENT ELECTRONIC DISTRIBUTION SYSTEM 
A. System Overview 

The Secure Digital Content Electronic Distribution System is a technical platform that 
encompasses the technology, specifications, tools, and software needed for the secure 
delivery and rights management of Digital Content and digital content-related content to 
an end-user, client device. The End-User Device(s) include PCS, set top boxes (IRDs... 
...refers to information and data stored in a digital format including: pictures, movies, 
videos, music, programs, multimedia and games. 

The technical platform specifies how Digital Content is prepared, securely distributed 
through point-to-point and broadcast infrastructures (such as cable, Internet, satellite, and 
wireless) licensed to End-User Device(s), and protected against unauthorised copying... 
...of various technologies such as watermarking, compression/encoding, encryption, and 
other security algorithms as they evolve over time. 

The base components of the Secure Digital Content Electronic Distribution System are: 

(1) rights management for the protection of ownership rights of the content proprietor; 

(2) transaction metering for immediate and accurate compensation; and (3) an open and 
well-documented architecture that enables Content Provider(s) to prepare content and 
permit its secure delivery over multiple network infrastructures for playback on any 
standard compliant player. 

1. Rights Management 

Rights management in the Secure Digital Content Electronic Distribution System is 
implemented through a set of functions distributed among the operating components of 
the system. Its primary functions include: licensing authorisation and control so... 
...license, such as permitted number of copies, number of plays, and the time interval or 
term the license may be valid. A secondary function of rights management is to enable a 
means to identify the origin of unauthorised copies of content to combat piracy. 

Licensing authorisation and control are implemented through the by enabling 

intermediate or End-User(s) to unlock content after verification of a successful 
completion of a licensing transaction. Secure Containers are used to distribute encrypted 
content and information among the system components. A SC is a cryptographic carrier 
of information or content that uses encryption, digital signatures, and digital certificates 

to modification of electronic information and content. It also allows for the 

verification of the authenticity and integrity of the Digital Content. The advantage of 
these rights management functions is that the electronic Digital Content distribution 
infrastructure does not have to be secure or trusted. Therefore allowing transmission over 



network infrastructures such as the Web and Internet. This is due to content resides or 

where it comes from. This information may be used to combat illegal use of the Content. 

2. Metering 

As part of its rights management functions, the Clearinghouse(s) keeps a record of all 
transactions where a key exchange is cleared through the Clearinghouse(s). This record 

allows for the retailers, and others, on an immediate or periodic basis to facilitate 

electronic reconciliation of transaction payments and other uses. 

3. Open Architecture 

The Secure Digital Content Electronic Distribution System (System) is an open 
architecture with published specifications and interfaces to facilitate broad 

implementation and acceptance of the System in the market place while to evolve 

over time as various technologies, transmission infrastructures, and devices are delivered 
to the marketplace. 

The architecture is open regarding the nature of the Content and its format. Distribution 
of audio, programs, multimedia, video, or other types of Content ...evolve. This 
flexibility allows Content Provider(s) to pick and evolve the technologies they use for 
data compression, encryption, and formatting within the Secure Digital Content 
Electronic Distribution System. 

The architecture is also open to different distribution networks and distribution models. 
The architecture supports content distribution over low-speed Internet connections or 
high-speed satellite and cable networks and can be used with point-to-point or broadcast 
models. In addition compliant player devices. 

B. System Functional Elements 

Turning now to FIG. 1, there is shown a block diagram illustrating an overview of a 
Secure Digital Content Electronic Distribution System 100 according to the present 
invention. The Secure Digital Content Electronic Distribution System 100 encompasses 
several business elements that comprise an end-to-end solution, including: Content 

Provider(s) 101 or the proprietors of the Digital Content Content Hosting Site 111, 

Transmission Infrastructures 107, and End-User Device(s) 109. Each of these business 
elements use various components of the Secure Digital Content Electronic Distribution 
System 100. A high level description of these business elements and system components, 
as they pertain specifically to electronic Content 113 distribution, follows. 

1. Content Provider(s) 101 

Content Provider(s) 10 lor content proprietor(s) are owners of original Content 113 
and/or distributors authorised to package independent Content 1 13 for further 
distribution. Content Provider(s) 101 may exploit their rights directly or license Content 



1 13 to the Electronic Digital Content Store(s) 103, or Intermediate Market Partners (not... 
...101 include Sony, Time- Warner, MTV, IBM, Microsoft, Turner, Fox and others. 

Content Provider(s) 101 use tools provided as part of the Secure Digital Content 
Electronic Distribution System 100 in order to prepare their Content 113 and related 
data for distribution. A Work Flow Manager Tool 154 schedules Content 1 13 to be... 
...are packed in SCs (described below) by the SC Packer Tool and stored in a content 
hosting site and/or promotional web site for electronic distribution. The content hosting 
site can reside at the Content Provider(s) 101 or in multiple locations, including 

Electronic Digital Content Store(s) 103 and Intermediate Market Partners are Web 

sites that provide electronic downloads of software. 

Within their services, Electronic Digital Content Store(s) 103 implement certain 
functions of the Secure Digital Content Electronic Distribution System 100. Electronic 
Digital Content Store(s) 103 aggregate information from the Content Provider(s) 101, 
pack content and metadata in additional SCs, and deliver those SCs to consumers or 
businesses as part of a service or application. Electronic Digital Content Store(s) 103 use 
tools provided by the Secure Digital Content Electronic Distribution System 100 to 
assist with: metadata extraction, secondary usage conditions, SC packaging, and tracking 
of electronic content transactions. The secondaiy usage conditions data can include retail 

business offers such as Content 1 13 purchase Electronic Digital Content Store(s) may 

elect to host the SCs containing the Digital Content at its local site and/or utilise the 
hosting and distribution facilities of another Content hosting site. 

The Electronic Digital Content Store(s) can provide customer service for any questions or 
problems that an End-User(s) may have using the Secure Digital Content Electronic 
Distribution System 100, or the Electronic Digital Content Store(s) 103 may contract 
their customer service support to the Clearinghouse(s) 105. 

3. Intermediate Market Partners (not shown) 

In an alternate embodiment, the Secure Digital Content Electronic Distribution System 
100 can be used to provide Content 1 13 securely to other businesses called Intermediate 
Market Partners. These partners may include digital content-related companies offering a 
non-electronic service, such as televisions stations or video clubs, radio stations or record 
clubs, that distribute Content 113. These Partners may also include other trusted parties 
who handle material as part of making or marketing sound recordings, such as record 

studios, replicators transactions such as refunds, transmission failures, and purchase 

disputes. The Clearinghouse(s) 105 can be operated as an independent entity, providing a 
trusted custodian for rights management and metering. It provides billing and settlement 
as required. Examples of electronic Clearinghouse(s) include Secure-Bank.com and 

Secure Electronic Transaction (SET) from Visa End-User Device(s) 109 can be any 

player device that contains an End-User Player Application 195 (described later) 
compliant with the Secure Digital Content Electronic Distribution System 100 
specifications. These devices may include PCS, set top boxes (IRDs), and Internet 
appliances. The End-User Player Application 195 could be implemented in or 



consumer electronics hardware. In addition to performing play, record, and library 
management functions, the End-User Player Application 195 performs SC processing to 
enable rights management in the End-User Device(s) 109. The End-User Device(s) 109 

manages the download and storage of the SCs containing the Digital Content are used 

throughout this to mean through the use or running-on an End-User Device(s) 109. 

6. Transmission Infrastructures 107 

The Secure Digital Content Electronic Distribution System 100 is independent of the 
transmission network connecting the Electronic Digital Content Store(s) 103 and End- 
User Device(s) 109. It supports both designed for a point-to-point distribution model 

can be adapted to support a broadcast distribution model as well. 

C. System Uses 

The Secure Digital Content Electronic Distribution System 100 enables the secure 
delivery of high-quality, electronic copies of Content 1 13 to End-User Device(s) 109, 
whether consumer or business, and to regulate and track usage of the Content 113. 

The Secure Digital Content Electronic Distribution System 100 could be deployed in a 
variety of consumer and business-to-business services using both new and existing 
distribution channels. Each particular service could use a different financial model that 
can be enforced through the rights management features of the Secure Digital Content 
Electronic Distribution System 100. Models such as wholesale or retail purchase, pay- 
per-listen usage, subscription services, copy/no-copy restrictions, or redistribution could 
be implemented through the rights management of the Clearinghouse(s) 105 and the 
End-User Player Application 195 copy protection features. 

The Secure Digital Content Electronic Distribution System 100 allows Electronic 
Digital Content Store(s) 103 and Intermediate Market Partners a great deal of flexibility 

in creating services that sell Content 113 and metered so that they can receive 

appropriate compensation for the licensing of Content 113. 

II. CRYPTOGRAPHY CONCEPTS AND THEIR APPLICATION TO THE SECURE 
DIGITAL CONTENT ELECTRONIC DISTRIBUTION SYSTEM 

License Control in the Secure Digital Content Electronic Distribution System 100 is 
based on the use of cryptography. This section introduces basic cryptography 
technologies of the present invention. The use of public key encryption, symmetric key 
encryption, digital signatures, digital watermarks and digital certificates is known. 

A. Symmetric Algorithms 

In the Secure Digital Content Electronic Distribution System 100 the Content 

Provider(s) 101 encrypts the content using symmetric algorithms. They are called 
symmetric algorithms because the same key is used to encrypt and decrypt data. The data 



sender and the message recipient must share the key. The shared key is referred to here as 
the symmetric key. The Secure Digital Content Electronic Distribution System 100 
architecture is independent of the specific symmetric algorithm selected for a particular 
implementation. 

Common symmetric algorithms are DES, RC2 and RC4. Both DES using Microsoft's 

CryptoAPI, running on a 120-MHZ, Pentium-based computer with Windows NT 4.0. 

B. Public Key Algorithms 

In the Secure Digital Content Electronic Distribution System 100, symmetric keys and 
other small data pieces are encrypted using public keys. Public key algorithms use two 

keys. The two keys are mathematically 6 kilobits/second with a 512-bit modulus and 

7.4 kilobits/second with a 1024-bit modulus. 

C. Digital Signature 

In the Secure Digital Content Electronic Distribution System 100, the issuer of SC(S) 
protects the integrity of SC(s) by digitally signing it. In general, to create a digital 

signature of the recovered one. If the message has not being altered during 

distribution, the calculated digest and recovered digest must be equal. 

In the Secure Digital Content Electronic Distribution System 100, since SC(s) contain 
several data parts, a digest is calculated for each part and a summary digest is calculated 

for the concatenated recipient of the message uses the entity's name from the 

certificate to decide whether or not to accept the message. 

In the Secure Digital Content Electronic Distribution System 100, every SC(s), except 
those issued by the End-User Device(s) 109, includes the certificate of the creator of the 

SC(s many End- User(s) do not bother to acquire a certificate or have certificates 

issued by non bona- fide Certification Authorities. In the Secure Digital Content 
Electronic Distribution System 100, the Clearinghouse(s) 105 has the option of issuing 
certificates to the Electronic Digital Content Store(s) 103. This allows the End-User 
Device(s) 109 to independently verify that the Electronic Digital Content Store(s) 103 
have been authorised by the Secure Digital Content Electronic Distribution System 100. 

E. Guide To The SC(s) Graphical Representation 

This document uses a drawing to graphically represent SC(s) that shows encrypted parts, 

non symmetric key in this case). Another encrypted object, in this example a 

Transaction ID encrypted object 205 is shown. And Usage Conditions 206 for content 
licensing management as described below. The SC(s) 200 comprises Usage Conditions 
206, Transaction ID encrypted object 205, an Application ID encrypted object 207, and 

encrypted symmetric created and decrypted in this process overview is a general 

SC(s). It does not represent any of the specific SC(s) types used for rights management 



in the Secure Digital Content Electronic Distribution System 100. The process consists 
of the steps described in FIG. 3 for encryption process. 

Process Flow for Encryption Process of FIG. 3 

Process Flow for Decryption Process of FIG. 4 

III. SECURE DIGITAL CONTENT ELECTRONIC DISTRIBUTION SYSTEM 
FLOW 

The Secure Electronic Digital Content Distribution System 100, consists of several 
components that are used by the different participants of the system. These participants 

include the Content Provider(s) 101, Electronic via End-User Device(s) 109 and the 

Clearinghouse(s) 105. A high level system flow is used as an overview of the Secure 
Digital Content Electronic Distribution System 100. This flow outlined below tracks 
Content as it flows throughout the System 100. Additionally it outlines the steps used by 

the participants to of the Digital Content e.g. music, video and program and electronic 

distribution systems broadcast. 

The following process flow in illustrated in FIG. 1 . 

IV. RIGHTS MANAGEMENT ARCHITECTURE MODEL 
A. Architecture Layer Functions 

FIG. 5 is a block diagram of the Rights Management Architecture of the Secure Digital 
Content Electronic Distribution System 100. Architecturally, four layers represent the 
Secure Digital Content Electronic Distribution System 100: the License Control Layer 
501, the Content Identification Layer 503, Content Usage Control Layer 505, and the 

Content Formatting Layer 507. The overall required that the output from one layer 

satisfies format and semantics acceptable to the adjacent layer. 

The License Control Layer 501 ensures that: 

* the Digital Content is protected during distribution against illegal interception and 
tampering; 

* the Content 113 originates from a rightful content owner and is distributed by a 

licensed distributor, e.g. Electronic Digital Content Store(s) 103; 

* the Digital Content purchaser has a properly licensed application; 

* the distributor is paid native representation in the content owner's facilities into a 

form that is consistent with the service features and distribution means of the Secure 
Digital Content Electronic Distribution System 100. The conversion processing may 
include compression encoding and its associated preprocessing, such as frequency 



equalisation and amplitude dynamic adjustment. For Content 113 which 113 also 

needs to be processed to achieve a format appropriate for playback or transfer to a 
portable device. 

B. Function Partitioning and Flows 

The Rights Management Architectural Model is shown in FIG. 5 and this illustrates the 
mapping of the architectural layers to the operating components making up the Secure 
Digital Content Electronic Distribution System 100 and the key functions in each layer. 

1. Content Formatting Layer 507 

The general functions associated with the Content Formatting Layer 507 are 113 and 

its transmission time. Any compression algorithm appropriate for the type of Content 113 
and transmission medium can be used in the Secure Digital Content Electronic 
Distribution System 100. For music, MPEG 1/2/4, Dolby AC-2 and AC-3, Sony 
Adaptive Transform Coding (ATRAC), and low-bit rate algorithms are some of the 
typically... Transaction 541 and the License Authorisation 543 are complete and authentic, 
that the Electronic Digital Content Store(s) 103 has authorisation from the Secure Digital 
Content Electronic Distribution System 100 for the sale of electronic Content 113, and 
that the End-User(s) has a properly licensed application. Audit/Reporting 545 allows the 
generation of reports and the sharing of licensing transaction information with other 
authorised parties in the Secure Electronic Digital Content Distribution System 100 

License control is implemented through SC Processing 533. SC(s) are used to distribute 
encrypted Content 113 and information among the system operation components (more 
about the SC(s) detailed structure sections below). A SC is cryptographic carrier of 

information that from reputable Certificate Authorities that are used to authenticate 

those components. The End-User Device(s) 109 are not required to have digital 
certificates. 

C. Content Distribution and Licensing Control 

FIG. 6 is a block diagram illustrating an overview of the Content Distribution and 
Licensing Control as it applies to the License Control Layer of FIG. 5. The figure depicts 

the case in which the Electronic Digital Content each Content 113 object, the 

Metadata SC(s) 620 also carries the Store Usage Conditions 519 associated with the 
Content Usage Control Layer 505. 

The Content Provider(s) 101 distributes the Metadata SC(s) 620 to one or more 
Electronic Digital Content Store(s) 103 (step 601) and the Content SC(s) 630 to one... 
...End-User Device(s) 109, the Clearinghouse(s) 105 verifies: 

1. that the Electronic Digital Content Store(s) 103 has authorisation from the Secure 
Digital Content Electronic Distribution System 100 (exists in the Database 160 of the 
Clearinghouse(s) 105); 



2. that the Order SC(s) 650 has not been altered; 

3. that was used to encrypt the encrypted part. 

If the SC(s) does not contain any encrypted parts, then there is no Key Description part. 
B. Rights Management Language Syntax and Semantics 

The Rights Management Language consists of parameters that can be assigned values to 
define restrictions on the use of the Content 1 13 by an End-User(s) after... Key 623 bit 
string that was used to encrypt the part. 

VII. CLEARINGHOUSE(S) 105 

A. Overview 

The Clearinghouse(s) 105 is responsible for the rights management functions of the 
Secure Digital Content Electronic Distribution System 100. Clearinghouse(s) 105 
functions include enablement of Electronic Digital Content Store(s) 103, verification of 
rights to Content 1 13, integrity and authenticity validation of the buying transaction and 
related information, distribution of Content encryption keys or Symmetric Keys 623 to 
End-User Device(s) 109, tracking the distribution of those keys, and reporting of 
transaction summaries to Electronic Content Store(s) Embodiment 

An Electronic Digital Content Store(s) 103 that wants to participate as a seller of Content 
113 in the Secure Digital Content Electronic Distribution System 100 makes a request 
to one or more of the Digital Content Provider(s) 101 that provide Content 1 13 to the 
Secure Digital Content Electronic Distribution System 100. There is no definitive 
process for making the request so long as the two parties come to an agreement. After the 

digital content s) 105 is contacted, usually via E-mail, with a request that the 

Electronic Digital Content Store(s) 103 be added to the Secure Digital Content 
Electronic Distribution System 100. The digital content label provides the name of the 
Electronic Digital Content Store(s) 103 and any other information that may be required 

for the Clearinghouse(s) 105 End-User Device(s) 109 verifies that the Electronic 

Digital Content Store(s) 103 is a valid distributor of Content 1 13 on the Secure Digital 
Content Electronic Distribution System 100 by first checking the digital certificate 
revocation list and then using the Public Key 621 of the Clearinghouse(s) 105 to verify 

the information in the digital 660 it determines whether a new revocation list is 

included and if so, the local revocation list on the End-User Device(s) 109 is updated. 

B. Rights Management Processing 
Order SC(s) Analysis 

The Clearinghouse(s) 105 receives an Order SC(s) 650 from an End-User(s) after the 
End-User(s Transaction and Offer SC(s) 641 digital signatures also indirectly verifies 



that the Electronic Digital Content Store(s) 103 is authorised by the Secure Digital 
Content Electronic Distribution System 100. This is based on the fact that the 
Clearinghouse(s) 105 is the issuer of the certificates. Alternately, the Clearinghouse(s) 

105 would SC(s) 660 to the End-User Device(s) 109. The Electronic Digital Content 

Store(s) 103 is also expected to participate in managing the distribution of Content 113 
to various countries by performing the same checks as the Clearinghouse(s) 105. The 

Clearinghouse(s) 105 does whatever checking that it can in Content 113 purchase 

transactions and report request transactions. The information can be used for a variety of 
purposes such as audits of the Secure Digital Content Electronic Distribution System 
100, generation of reports, and data mining. 

The Clearinghouse(s) 105 also maintains account balances in Billing Subsystem 182 for 
the Electronic Digital Content... Store(s) 103 so that the Electronic Digital Content 
Store(s) 103 can charge the End-User(s)' credit card. 

G. Retransmissions 

The Secure Digital Content Electronic Distribution System 100 provides the ability to 
handle retransmissions of Content 113. This is typically performed by a Customer 

Service Interface 184. Electronic Digital Content Store the End-User(s) for the 

purchase of the Content 113. 

VIII. CONTENT PROVIDER 

A. Overview 

The Content Provider(s) 101 in the Secure Digital Content Electronic Distribution 

System 100 is the digital content label or the entity who owns the rights to the Content 
113. The role of the Content Provider(s) 101 is to prepare the Content 1 13 for 
distribution and make information about the Content 113 available to Electronic Digital 
Content Store(s) 103 or retailers of the downloadable electronic versions of the Content... 
...that the Content 113 is secure when it leaves the Content Provider(s)' 101 domain and 
never exposed or accessible by unauthorised parties. This allows Content 113 to be 
freely distributed throughout a non-secure network, such as the Internet, without fear of 
exposure to hackers or unauthorised parties. 

The end goal of the tools for Content 1 13 and information and calls the SC(s) Packer 

to pack into SC(s). 

* Content Dispersement Tool (not shown) - Disperses SC(s) to designated distribution 
centres, such as Content Hosting Site(s) 111 and Electronic Digital Content Store(s) 103. 

* Content Promotions Web Site 156 - stores Metadata SC(s) 620 and optionally 

additional promotional the song file remain available until after Content Quality 

Control Process 810. 



1 1 . Encryption Process 811 

The Encryption Process 811 calls the appropriate Secure Digital Content Electronic 
Distribution Rights Management function to encrypt each of the watermarked/encoded 
song files. This process has no dependencies other than completion of all other audio 
processing. Upon completion... of media, such as several audio CDS, can be queued up so 
as to enable the Automatic Metadata Acquisition Tool to create a series of Content 113 
for electronic distribution. For example, all the Content 113 could be created from a 
series of CDS or even selected tracks from one or more CDS examined by the Content 

Provider(s) 101 design and layout of this site or can choose to use a turnkey web 

server solution provided as part of the toolkit for Secure Digital Content Electronic 
Distribution System 100. To implement their own design for this service, the Content 
Provider(s) 101 need only provide links to the Metadata SC(s) 620 for Electronic Digital 
Content Store(s) 103 who access their site. This is accomplished using the toolkit for the 
Secure Digital Content Electronic Distribution System 100. The selection process and 
what information is shown is the discretion of the Content Provider(s) 101. 

Metadata SC(s) 620 received into titles, such as CDS, movies and games every year, 

adding to the tens of thousands of content titles that are currently available. The Secure 
Digital Content Electronic Distribution System 100 is designed to support all of the 
content titles available in stores today. 

The numbers of content titles that the Secure Digital Content Electronic Distribution 

System 100 may eventually download to customers on a daily basis is in the thousands or 
tens of thousands. For a large number of titles, this requires a large amount of bandwidth. 
The computer disk space and bandwidth needs call for a distributed, scalable 
implementation with multiple Content Hosting Site(s) 111. The system also supports 
customers all over the world. This requires overseas sites to speed delivery to the global 
customers. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 is 
designed to allow the Content Provider(s) 101 to either host their own Content 1 13 or 
share a common facility or a set of facilities. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 
consists of multiple Content Hosting Site(s) 111 that collectively contain all of the 
Content 113 offered by the Secure Digital Content Electronic Distribution System 100 
and several Secondary Content Sites (not shown) that contain the current hot hits 
offered by the Content Provider(s) 101. The number of Content Hosting Site(s) 111 
changes times. 

Should the Content Provider(s) 101 choose to host all of their Content 1 13 in their own 
system, they can act as a single Content Hosting Site 111 with or without additional 
Secondary Content Sites. This allows them to build their own scalable distributed 
system. In another embodiment, Electronic Digital Content Store(s) 103 can also act as 



Content Hosting Site(s) 1 1 1 for certain Content 1 13. This embodiment or the 

download request may be redirected to another Content Hosting Site(s) 111. 

2. Content Hosting Site(s) 111 provided by the Secure Digital Content Electronic 
Distribution System 100 

For the Secure Digital Content Electronic Distribution System 100 the decision of 
which site should be used to download the Content 1 13 is made by the primary content 
site that received the to make this decision: 

* Are there secondary content sites that host the Content 113 requested? (The majority of 
Content 113 offered by the Secure Digital Content Electronic Distribution System 100 
is only located at primary sites); 

* Where is the End-User Device(s) 109 geographically located? (This information can be 
obtained from the is allowed to download the Content 113. 

Secondary Content Sites 

The Secondaiy Content Sites (not shown) host the popular Content 1 13 of the Secure 
Digital Content Distribution System 100. These sites are geographically dispersed 
across the world and are located near Network Access Points (NAPS) to improve 
download times. These sites are for Multiple Electronic Digital Content Store(s) 103 

Electronic Digital Content Store(s) 103 are essentially the retailers. They are the entities 
who market the Content 1 13 to be distributed to the customer. For distribution of 
Content 1 13, this would include Digital Content Retailing Web Sites, Digital Content 
Retail Stores, or any business who wishes to get involved in...Store(s) 103 is 
accomplished via a set of tools developed for the Electronic Digital Content Store(s) 103 
as part of the Secure Digital Content Electronic Distribution System 100. These tools 
are used by the Electronic Digital Content Store(s) 103 to: 

* acquire the Metadata SC(s) 620 packaged by the Content the main variant between 

the broadcast based service offering and the point-to-point interactive web service type 
offering. 

B. Point- to-Point Electronic Digital Content Distribution Service 

Point-to-Point primarily means a one-to-one interactive service between the Electronic 

Digital Content Store(s) 103 and the End-User Device is a block diagram illustrating 

the major tools, components and processes of an Electronic Digital Content Store(s) 103. 

1. Integration Requirements 

The Secure Digital Content Electronic Distribution System 100 not only creates new 
online businesses but provides a method for existing businesses to integrate the sale of 



downloadable electronic Content 113 to batch driven and can be largely automated 

and is executed only to integrate new Content 113 into the site. 

The tools for the Secure Digital Content Electronic Distribution have been designed to 
allow integration of sale of electronic downloadable Content 113 into typical 

implementations of web based Electronic Digital Content Store(s) 103 establishes 

customer loyalty with its customers and continues to offer its own incentives and market 
its products as it does today. In the Secure Digital Content Electronic Distribution 
System 100, it would simply need to indicate which products in its inventory are also 

available for electronic download and allow its customers to select all electronic 

downloads. It simply passes the required information and all processing from that point 
on is handled by the toolset for the Secure Digital Content Electronic Distribution 
System 100. In another embodiment, other methods of transaction handling are also 
possible using tools for the Secure Digital Content Electronic Distribution System 100 
to handle the financial settlement should the Electronic Digital Content Store(s) 103 wish 

to sell downloadable merchandise only or to segregate the to retain a cross reference 

of the Content 113 being offered to this Product ID to properly interface with the tools for 
the Secure Digital Content Electronic Distribution System 100. Providing this 
information here, allows the Electronic Digital Content Store(s) 103 to integrate this 

product or Content 1 13 into its inventoiy and only used by the Electronic Digital 

Content Store(s) 103 as input to his web service database is removed from the Metadata 
SC(s) 620. Rights management information provided by the Content Provider(s) 101, 
such as watermarking instructions, encrypted Symmetric Keys 623, and Usage 

Conditions 517 defining the permitted uses of new Content 113 has been placed in the 

Content Promotions Web Site 156. 

None of these notifications are a required step in the Secure Digital Content Electronic 
Distribution System flows 100 but are provided as options to allow the Electronic 

Digital Content Store(s) 103 the opportunity to close its records on the is an optional 

process which is available to help the Electronic Digital Content Store(s) 103 feel 
comfortable with the accounting for the Secure Digital Content Electronic Distribution 
System 100. 

In another embodiment, this tool can be updated to provide electronic funds transfers for 

automated periodic payments to the Content Provider(s) 101 payments upon reception 

of an electronic bill from the Clearinghouse(s) 105 after reconciling the bill against the 
Transaction Log 178. 

C. Broadcast Electronic Digital Content Distribution Service 

Broadcast primarily refers to a one to many transmission method where there is no 

personal interaction between the End-User Device(s) 109 and Content 113 as well as 

prepare SC(s) is also used by a satellite based Electronic Digital Content Store(s) 103 to 
manage and prepare Content 113 for distribution on a broadcast infrastructure. The 
SC(s) distributed over a Web service are the same as those distributed over a broadcast 
service. 



X. applications in the End-User Device(s) 109 for the Secure Digital Content Electronic 
Distribution System 100 perform two main functions: first the SC(s) processing and 
copy control; and second playback of encrypted Content 113. Whether the End-User... 
...to the downloadable objects, the End-User(s) may have a combination of physical and 
electronic downloadable merchandise in his shopping cart. The Secure Digital Content 
Electronic Distribution End-User Device(s) 109 are not involved until after the End- 

User(s) checks out and submits his final purchase authorisation to the Electronic is a 

CD 1802 and the Content 1 13 is music. The CD 1802 takes the place of the Content 
Hosting Sites 1 1 1 to permit the music to be distributed over physical media rather than 
through electronic means such as broadband. The CD 1802 contains music samples and 

multiple compressed and encrypted music tracks in a Content SC CD 1802 eliminates 

the long download times over narrow-band Internet, and the need for a broadband 
Internet channel. As previously described, for the telecommunications distribution of 
Content 113, the end-user using the End User Device(s) 109 access the encryption Key 

623 to render the Content 1 13 by receiving a Transaction The content preparation for 

the CD 1802 is the same system and methods as described in "Section VIII Content 
Provider" above. But instead of creating Content SC(s) 630 for distribution over 
telecommunications networks, the Content SC(s) 630 and Offer SC(s) 640 are written to 

the CD 1802. Included on the CD 1802 are the Notify SC(s) 1822 of times. Until such 

time as the copy control standards are more stable, alternative methods of copy control 
have been provided in the Secure Digital Content Electronic Distribution System 100 so 
that it does not rely on the copy control watermark in order to provide rights 
management in the consumer device. Storage and p lay/record usage conditions security 
is implemented utilising encrypted DC Library Collections 196 that are tied to the... 
...algorithm. Thus use of widely accepted and proven industry standard algorithms can be 
used thus further enhancing Digital Content Industry acceptance of the Secure Digital 
Content Electronic Distribution System 100. 

The second purpose of this Deciyption and Re-Encryption 194 process is to remove the 

requirement that the original master encryption Key 623 to encrypt the Content 1 13 is 

used for any associated metadata needing to be encrypted. 

D. The Player Application 195 

1. Overview 

The Secure Digital Content Electronic Distribution Player Application 195 (referred to 
here as the Player Application 195) is analogous to both a CD, DVD or other Digital 
Content player and to. ..as handle requests for information about the stored songs. 

6. Inter- application Communication Components 1508 

These components are used for coordination between the Secure Digital Content 
Electronic Distribution Player and other applications (e.g., Browser, helper-app and/or 

plug-in, etc) that may invoke the Player Application 195, or that the Player by the 

Player Application 195. A typical audio enthusiast has a library of CDS holding songs. 



All of these are available within the Secure Digital Content Electronic Distribution 
System 100. The set of songs that have been purchased from Electronic Digital Content 
Store(s) 103 are stored within a Digital Content Library 196... 

Specification: ...Content Store(s) Embodiment 

An Electronic Digital Content Store(s) 103 that wants to participate as a seller of Content 
113 in the Secure Digital Content Electronic Distribution System 100 makes a request 
to one or more of the Digital Content Provider(s) 101 that provide Content 1 13 to the 
Secure Digital Content Electronic Distribution System 100. There is no definitive 
process for making the request so long as the two parties come to an agreement. After the 

digital content s) 105 is contacted, usually via E-mail, with a request that the 

Electronic Digital Content Store(s) 103 be added to the Secure Digital Content 
Electronic Distribution System 100. The digital content label provides the name of the 
Electronic Digital Content Store(s) 103 and any other information that may be required 

for the Clearinghouse(s) 105 End-User Device(s) 109 verifies that the Electronic 

Digital Content Store(s) 103 is a valid distributor of Content 1 13 on the Secure Digital 
Content Electronic Distribution System 100 by first checking the digital certificate 
revocation list and then using the Public Key 621 of the Clearinghouse(s) 105 to verify 

the information in the digital 660 it determines whether a new revocation list is 

included and if so, the local revocation list on the End-User Device(s) 109 is updated. 

B. Rights Management Processing 

Order SC(s) Analysis 

The Clearinghouse(s) 105 receives an Order SC(s) 650 from an End-User(s) after the 

End-User(s Transaction and Offer SC(s) 641 digital signatures also indirectly verifies 

that the Electronic Digital Content Store(s) 103 is authorised by the Secure Digital 
Content Electronic Distribution System 100. This is based on the fact that the 
Clearinghouse(s) 105 is the issuer of the certificates. Alternately, the Clearinghouse(s) 

105 would SC(s) 660 to the End-User Device(s) 109. The Electronic Digital Content 

Store(s) 103 is also expected to participate in managing the distribution of Content 113 
to various countries by performing the same checks as the Clearinghouse(s) 105. The 

Clearinghouse(s) 105 does whatever checking that it can in Content 113 purchase 

transactions and report request transactions. The information can be used for a variety of 
purposes such as audits of the Secure Digital Content Electronic Distribution 
System.. .Store(s) 103 so that the Electronic Digital Content Store(s) 103 can charge the 
End-User(s)' credit card. 

G. Retransmissions 

The Secure Digital Content Electronic Distribution System 100 provides the ability to 
handle retransmissions of Content 1 13. This is typically performed by a Customer 

Service Interface 184. Electronic Digital Content Store the End-User(s) for the 

purchase of the Content 113. 



VIII. CONTENT PROVIDER 



A. Overview 

The Content Provider(s) 101 in the Secure Digital Content Electronic Distribution 
System 100 is the digital content label or the entity who owns the rights to the Content 
113. The role of the Content Provider(s) 101 is to prepare the Content 1 13 for 
distribution and make information about the Content 113 available to Electronic Digital 
Content Store(s) 103 or retailers of the downloadable electronic versions of the Content... 
...that the Content 1 13 is secure when it leaves the Content Provider(s)' 101 domain and 
never exposed or accessible by unauthorised parties. This allows Content 113 to be 
freely distributed throughout a non-secure network, such as the Internet, without fear of 
exposure to hackers or unauthorised parties. 

The end goal of the tools for Content 1 13 and information and calls the SC(s) Packer 

to pack into SC(s). 

. Content Dispersement Tool (not shown) - Disperses SC(s) to designated distribution 
centres, such as Content Hosting Site(s) 111 and Electronic Digital Content Store(s) 103. 

. Content Promotions Web Site 156 - stores Metadata SC(s) 620 and optionally additional 

promotional the song file remain available until after Content Quality Control Process 

810. 

1 1 . Encryption Process 811 

The Encryption Process 811 calls the appropriate Secure Digital Content Electronic 
Distribution Rights Management function to encrypt each of the watermarked/encoded 
song files. This process has no dependencies other than completion of all other audio 
processing. Upon completion. ..of media, such as several audio CDS, can be queued up so 
as to enable the Automatic Metadata Acquisition Tool to create a series of Content 113 
for electronic distribution. For example, all the Content 113 could be created from a 
series of CDS or even selected tracks from one or more CDS examined by the Content 

Provider(s) 101 Metadata SC(s) 620 for Electronic Digital Content Store(s) 103 who 

access their site. This is accomplished using the toolkit for the Secure Digital Content 
Electronic Distribution System 100. The selection process and what information is 
shown is the discretion of the Content Provider(s) 101. 

Metadata SC(s) 620 received into titles, such as CDS, movies and games every year, 

adding to the tens of thousands of content titles that are currently available. The Secure 
Digital Content Electronic Distribution System 100 is designed to support all of the 
content titles available in stores today. 

The numbers of content titles that the Secure Digital Content Electronic Distribution 

System 100 may eventually download to customers on a daily basis is in the thousands or 
tens of thousands. For a large number of titles, this requires a large amount of bandwidth. 



The computer disk space and bandwidth needs call for a distributed, scalable 
implementation with multiple Content Hosting Site(s) 111. The system also supports 
customers all over the world. This requires overseas sites to speed delivery to the global 
customers. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 is 
designed to allow the Content Provider(s) 101 to either host their own Content 1 13 or 
share a common facility or a set of facilities. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 
consists of multiple Content Hosting Site(s) 111 that collectively contain all of the 
Content 113 offered by the Secure Digital Content Electronic Distribution System 100 
and several Secondary Content Sites (not shown) that contain the current hot hits 
offered by the Content Provider(s) 101. The number of Content Hosting Site(s) 111 
changes times. 

Should the Content Provider(s) 101 choose to host all of their Content 1 13 in their own 
system, they can act as a single Content Hosting Site 1 1 1 with or without additional 
Secondary Content Sites. This allows them to build their own scalable distributed 
system. In another embodiment, Electronic Digital Content Store(s) 103 can also act as 
Content Hosting Site(s) 1 1 1 for certain Content 1 13. This embodiment... or the download 
request may be redirected to another Content Hosting Site(s) 111. 

2. Content Hosting Site(s) 1 1 1 provided by the Secure Digital Content Electronic 
Distribution System 100 

For the Secure Digital Content Electronic Distribution System 100 the decision of 
which site should be used to download the Content 1 13 is made by the primary content 
site that received the to make this decision: 

. Are there secondary content sites that host the Content 113 requested? (The majority of 
Content 113 offered by the Secure Digital Content Electronic Distribution System 100 
is only located at primary sites); 

. Where is the End-User Device(s) 109 geographically located? (This information can be 
obtained from the is allowed to download the Content 113. 

Secondary Content Sites 

The Secondary Content Sites (not shown) host the popular Content 1 13 of the Secure 
Digital Content Distribution System 100. These sites are geographically dispersed 
across the world and are located near Network Access Points (NAPs) to improve 
download times. These sites are for Multiple Electronic Digital Content Store(s) 103 

Electronic Digital Content Store(s) 103 are essentially the retailers. They are the entities 
who market the Content 1 13 to be distributed to the customer. For distribution of 



Content 1 13, this would include Digital Content Retailing Web Sites, Digital Content 
Retail Stores, or any business who wishes to get involved in marketing electronic 

Content Store(s) 103 is accomplished via a set of tools developed for the Electronic 

Digital Content Store(s) 103 as part of the Secure Digital Content Electronic 
Distribution System 100. 

These tools are used by the Electronic Digital Content Store(s) 103 to: 

. acquire the Metadata SC(s) 620 packaged by the Content the main variant between 

the broadcast based service offering and the point-to-point interactive web service type 
offering. 

B. Point- to-Point Electronic Digital Content Distribution Service 

Point-to-Point primarily means a one-to-one interactive service between the Electronic 

Digital Content Store(s) 103 and the End-User Device is a block diagram illustrating 

the major tools, components and processes of an Electronic Digital Content Store(s) 103. 

1 . Integration Requirements 

The Secure Digital Content Electronic Distribution System 100 not only creates new 
online businesses but provides a method for existing businesses to integrate the sale of 

downloadable electronic Content 1 13 to batch driven and can be largely automated 

and is executed only to integrate new Content 1 13 into the site. 

The tools for the Secure Digital Content Electronic Distribution have been designed to 
allow integration of sale of electronic downloadable Content 113 into typical 

implementations of web based Electronic Digital Content Store(s) 103 establishes 

customer loyalty with its customers and continues to offer its own incentives and market 
its products as it does today. In the Secure Digital Content Electronic Distribution 
System 100, it would simply need to indicate which products in its inventory are also 

available for electronic download and allow its customers to select all electronic 

downloads. It simply passes the required information and all processing from that point 
on is handled by the toolset for the Secure Digital Content Electronic Distribution 
System 100. In another embodiment, other methods of transaction handling are also 
possible using tools for the Secure Digital Content Electronic Distribution System 100 
to handle the financial settlement should the Electronic Digital Content Store(s) 103 wish 

to sell downloadable merchandise only or to segregate the to retain a cross reference 

of the Content 113 being offered to this Product ID to properly interface with the tools for 
the Secure Digital Content Electronic Distribution System 100. Providing this 
information here, allows the Electronic Digital Content Store(s) 103 to integrate this 

product or Content 113 into its inventory and only used by the Electronic Digital 

Content Store(s) 103 as input to his web service database is removed from the Metadata 
SC(s) 620. Rights management information provided by the Content Provider(s) 101, 
such as watermarking instructions, encrypted Symmetric Keys 623, and Usage 



Conditions 517 defining the permitted uses of new Content 1 13 has been placed in the 

Content Promotions Web Site 156. 

None of these notifications are a required step in the Secure Digital Content Electronic 
Distribution System flows 100 but are provided as options to allow the Electronic 
Digital Content Store(s) 103 the opportunity to close its records on the... is an optional 
process which is available to help the Electronic Digital Content Store(s) 103 feel 
comfortable with the accounting for the Secure Digital Content Electronic Distribution 
System 100. 

In another embodiment, this tool can be updated to provide electronic funds transfers for 

automated periodic payments to the Content Provider(s) 101 payments upon reception 

of an electronic bill from the Clearinghouse(s) 105 after reconciling the bill against the 
Transaction Log 178. 

C. Broadcast Electronic Digital Content Distribution Service 

Broadcast primarily refers to a one to many transmission method where there is no 

personal interaction between the End-User Device(s) 109 and Content 1 13 as well as 

prepare SC(s) is also used by a satellite based Electronic Digital Content Store(s) 103 to 
manage and prepare Content 1 13 for distribution on a broadcast infrastructure. The 
SC(s) distributed over a Web service are the same as those distributed over a broadcast 
service. 

X. END-USER DEVICE(S) 109 

The applications in the End-User Device(s) 109 for the Secure Digital Content 
Electronic Distribution System 100 perform two main functions: first the SC(s) 
processing and copy control; and second playback of enciypted Content 113. Whether the 

End-User to the downloadable objects, the End-User(s) may have a combination of 

physical and electronic downloadable merchandise in his shopping cart. The Secure 
Digital Content Electronic Distribution End-User Device(s) 109 are not involved until 
after the End-User(s) checks out and submits his final purchase authorisation to the 

Electronic is a CD 1802 and the Content 113 is music. The CD 1802 takes the place 

of the Content Hosting Sites 1 1 1 to permit the music to be distributed over physical 
media rather than through electronic means such as broadband. The CD 1802 contains 
music samples and multiple compressed and encrypted music tracks in a Content SC.. 
...CD 1802 eliminates the long download times over narrow-band Internet, and the need 
for a broadband Internet channel. As previously described, for the telecommunications 
distribution of Content 1 13, the end-user using the End User Device(s) 109 access the 

encryption Key 623 to render the Content 113 by receiving a Transaction The content 

preparation for the CD 1802 is the same system and methods as described in "Section 
VIII Content Provider" above. But instead of creating Content SC(s) 630 for 
distribution over telecommunications networks, the Content SC(s) 630 and Offer SC(s) 
640 are written to the CD 1802. Included on the CD 1802 are the Notify SC(s) 1822... 
...of times. Until such time as the copy control standards are more stable, alternative 



methods of copy control have been provided in the Secure Digital Content Electronic 
Distribution System 100 so that it does not rely on the copy control watermark in order 
to provide rights management in the consumer device. Storage and play/record usage 
conditions security is implemented utilising encrypted DC Library Collections 196 that 

are tied to the End algorithm. Thus use of widely accepted and proven industry 

standard algorithms can be used thus further enhancing Digital Content Industry 
acceptance of the Secure Digital Content Electronic Distribution System 100. 

The second purpose of this Deciyption and Re- Encryption 194 process is to remove the 
requirement that the original master encryption Key 623... to encrypt the Content 1 13 is 
used for any associated metadata needing to be encrypted. 

D. The Player Application 195 

1. Overview 

The Secure Digital Content Electronic Distribution Player Application 195 (referred to 
here as the Player Application 195) is analogous to both a CD, DVD or other Digital 
Content player and to as handle requests for information about the stored songs. 

6. Inter- application Communication Components 1508 

These components are used for coordination between the Secure Digital Content 
Electronic Distribution Player and other applications (e.g., Browser, helper-app and/or 

plug-in, etc) that may invoke the Player Application 195, or that the Player by the 

Player Application 195. A typical audio enthusiast has a library of CDS holding songs. 
All of these are available within the Secure Digital Content Electronic Distribution 
System 100. The set of songs that have been purchased from Electronic Digital Content 
Store(s) 103 are stored within a Digital Content Library 196... 
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Specification: ...PCIT0001 DNUM=WO9220022A> WO 92/20022 discloses a 
distributed computer system which employs a licence management system to account for 
software product usage. Each licensed product upon start-up makes a call to a license 
server to check on whether usage is permitted. The license server checks a database of... 
...indicates acceptance and may also determine the identity of the user. 

An aim of the present invention is to provide an adaptable technique for the distribution 
of digital electronic content and control information that can be used to protect the rights 
of a number of different parties. 

The present invention is defined in independent claims electronic information. 

VDE provides comprehensive and configurable transaction management, metering and 
monitoring technology. It can change how electronic information products are protected, 
marketed, packaged, and distributed. When used, VDE should result in higher revenues 
for information providers and greater user satisfaction and value. Use of VDE will 
normally result in lower usage costs, decreased transaction costs, more efficient access to 
electronic information, re-usability of rights protection and other transaction 
management implementations, greatly improved flexibility in the use of secured 
information, and greater standardization of tools and processes for electronic transaction 

management. VDE can be used and risk, protecting money and credit, and generally 

protecting the security of information. VDE employs a system that uses a common set of 
processes to manage rights issues in an efficient, trusted, and cost-effective way. 

VDE can be used to protect the rights of parties who create electronic content such as... 
...rights of authors of electronic content, 

2. (b) the commercial rights of distributors of content, 

3. (c) the rights of any parties who facilitated the distribution of content, 

4. (d) the privacy rights of users of content, 

5. (e) the privacy rights of parties portrayed by stored and/or distributed content, and 



6. (f) any other rights regarding enforcement of electronic agreements. VDE can enable a 
very broad variety of electronically enforced commercial and societal agreements... 
...software once removed from either its physical or electronic package. 



Traditional electronic information rights protection systems are often inflexible and 
inefficient and may cause a content provider to choose costly distribution channels that 
increase a product's price. In general these mechanisms restrict product pricing, 
configuration, and marketing flexibility. These compromises are the result of 

techniques value to justify a given product's cost in the eyes of many potential users. 

VDE allows content providers and distributors to create applications and distribution 
networks that reflect content providers' and users' preferred business models. It offers 
users a ...providers. One or more providers of electronic information can easily combine 
selected building blocks to create a rights application that is unique to a specific content 
distribution model. A group of these pieces can represent the capabilities needed to 
fulfill the agreement(s) between users and providers. These pieces accommodate many 
requirements of electronic commerce including: 

) the distribution of permissions to use electronic information; 

) the persistence of the control information and sets of control information managing 
these permissions; 

) configurable control set information that can be selected by users for use with such 
information; 

) data security and usage auditing of electronic information; and 

) a secure system for currency, compensation and debit management. 

For electronic commerce, a rights application, under the preferred embodiment of the 
present invention, can provide electronic enforcement of the business agreements 

between all participants. Since different groups of components various tools that 

enable system designers to directly insert VDE capabilities into their products. These 
tools include an Application Programmer's Interface ("API") and a Rights Permissioning 
and Management Language ("RPML"). The RPML provides comprehensive and 
detailed control over the use of the invention's features. VDE also includes certain user 

interface subsystems for and/or a data security chain model for handling, auditing, 

reporting, and payment. It can provide efficient, reusable, modifiable, and consistent 
means for secure electronic content: distribution, usage control, usage payment, usage 
auditing, and usage reporting. Content may, for example, include: 

) financial information such as electronic currency and credit; 

) commercially distributed electronic information such as reference databases, movies, 
games, and advertising; and 

) electronic properties produced by persons and organizations, such as documents, e-mail, 
and proprietary their transaction environment to accommodate: 



1. (1) desired content models, content control models, and content usage information 
pathways, 

2. (2) a complete range of electronic media and distribution means, 

3. (3) a broad range of pricing, payment, and auditing strategies, 

4. (4) very flexible privacy and/or reporting models, 

5. (5) practical and unauthorized use of electronic information, by controlling and 

auditing (and other administration of use) electronically stored and/or disseminated 
information. This includes, for example, commercially distributed content, electronic 
currency, electronic credit, business transactions (such as EDI), confidential 
communications, and the like. VDE can further be used to enable commercially provided 

electronic content 8. (8) Secure control means that can allow each VDE installation to 

perform VDE content authoring (placing content into VDE containers with associated 
control information), content distribution, and content usage; as well as clearinghouse 
and other administrative and analysis activities employing content usage information. 

VDE may be used to migrate most non-electronic, traditional use software to 

substitute for, or complement, said hardware (provided by Host Processing Environments 
(HPEs)), operate in conjunction with secure communications, systems integration 
software, and distributed software control information and support structures, to achieve 
the electronic contract/rights protection environment of the present invention. Together, 
these VDE components comprise a secure, virtual, distributed content and/or appliance 
control, auditing (and other administration), reporting, and payment environment. In 
some embodiments and where commercially acceptable, certain VDE participants, such 
as clearinghouses hardware elements and intemperate, for example, with VDE end- 
users and content providers. VDE components together comprise a configurable, 
consistent, secure and "trusted" architecture for distributed, asynchronous control of 
electronic content and/or appliance usage. VDE supports a "universe wide" environment 
for electronic content delivery, broad dissemination, usage reporting, and usage related 
payment activities. 

VDE provides VDE foundation elements along with secure independently deliverable 

VDE components that enable electronic commerce models and relationships to develop. 
VDE specifically supports the unfolding of distribution models in which content 
providers, over time, can expressly agree to, or allow, subsequent content providers 
and/or users to participate in shaping the control information for, and consequences... 
...activities are supported by capabilities of the present invention. As a result, VDE 
supports most types of electronic information and/or appliance: usage control (including 
distribution), security, usage auditing, reporting, other administration, and payment 
arrangements. 

VDE, in its preferred embodiment, employs object software technology and uses object 
technology to form "containers containers may contain electronic content products or 



other electronic information and some or all of their associated permissions (control) 
information. These container objects may be distributed along pathways involving 
content providers and/or content users. They may be securely moved among nodes of a 
Virtual Distribution Environment (VDE) arrangement, which nodes operate VDE 

foundation software use of the preferred embodiment of the present invention may be 

employed both for distributing VDE control instructions (information) and/or to 
encapsulate and electronically distribute content that has been at least partially secured. 

Content providers who employ the present invention may include, for example, software 

application and game publishers, database publishers enforcing commercial 

agreements and enabling the protection of privacy rights. VDE can securely deliver 
information from one party to another concerning the use of commercially distributed 
electronic content. Even if parties are separated by several "steps" in a chain (pathway) 
of handling for such content usage information, such information is protected by 
VDE... objects to augment configurability, portability, and security of the VDE 
environment. It also employs a software object architecture for VDE content containers 
that carries protected content and may also cany both freely available information (e.g, 
summary, table of contents) and secured content control information which ensures the 

performance of control usage according to criteria set by holders of rights to an 

object's contents and/or according to parties who otherwise have rights associated with 
distributing such content (such as governments, financial credit providers, and users). 

In part, security is enhanced by object methods employed by the present invention 

because the encryption schemes computer platforms and operating systems, and said 

various portions may all be carried by a VDE container. 

An objective of VDE is supporting a transaction/distribution control standard. 
Development of such a standard has many obstacles, given the security requirements and 
related hardware and communications issues, widely Differing environments, information 

types information usage, business and/or data security goals, varieties of participants, 

and properties of delivered information. A significant feature of VDE accommodates the 
many, varying distribution and other transaction variables by, in part, decomposing 
electronic commerce and data security functions into generalized capability modules 

executable within a secure hardware SPU and control information and/or add new 

control information as necessary (including the elimination of no longer required 
elements). 

VDE supports trusted (sufficiently secure) electronic information distribution and usage 
control models for both commercial electronic content distribution and data security 
applications. It can be configured to meet the diverse requirements of a network of 

interrelated participants that may include content creators, content range of 

commercial and data security models, ensure against unauthorized use of confidential 
and/or proprietary information and commercial electronic transactions. VDE's electronic 
transaction management mechanisms can enforce the electronic rights and agreements 
of all parties participating in widely varying business and data security models, and this 
can be efficiently achieved through a single VDE implementation and/or users; as 



well as to electronic content generally on a given installation, to specific properties, 
property portions, classes and/or other groupings of content. 

Distribution using VDE may package both the electronic content and control 
information into the same VDE container, and/or may involve the delivery to an end... 
...with capability parameter data to reflect the elements of one or more express electronic 
agreements between VDE participants in regards to the use of electronic content such as 
commercially distributed products. These control capabilities manage the use of, and/or 
auditing of use of, electronic content, as well as reporting information based upon content 

use one or more successive parties who receive or otherwise contribute to a given set 

of control information. Frequently, for a VDE application for a given content model 
(such as distribution of entertainment on CD-ROM, content delivery from an Internet 
repository, or electronic catalog shopping and advertising, or some combination of the 

above) participants would nature of the VDEF capabilities that will and/or may apply 

to certain electronic information. A VDE content container is an object that contains both 
content (for example, commercially distributed electronic information products such as 
computer software programs, movies, electronic publications or reference materials, etc.) 

and certain control information related to the use of the make a VDE container 

available to other parties. Control information delivered by, and/or otherwise available 
for use with, VDE content containers comprise (for commercial content distribution 
purposes) VDEF control capabilities (and any associated parameter data) for electronic 
content. These capabilities may constitute one or more "proposed" electronic agreements 

(and/or agreement more VDEF capabilities may be present at a VDE installation, and 

certain VDE agreements may have been entered into during the registration process for a 
content distribution application, to be used by such installation for securely controlling 
VDE content usage, auditing, reporting and/or payment. Similarly, a specific VDE 

participant may enter in order to pay for user use of the content. A certain content 

provider might, for example, require metering the number of copies made for 
distribution to employees of a given software program (a portion of the program might 

be maintained in encrypted form and require the presence of a VDE within the 

CPU/RAM package before it is executed. This process is used for important VDE related 
data when such data is stored on unprotected media, for example, standard host storage, 
such as random access memory, mass storage, etc. In that event, a VDE SPU would 

encrypt data that results from time-ageing of encryption keys, the 

compartmentalization of both stored control information (including differentially tagging 
such stored information to ensure against substitution and tampering) and distributed 
content (to, for many content applications, employ one or more content encryption keys 
that are unique to the specific VDE installation and/or user), private key techniques such 

as triple and to provide the benefits of digital signature and authentication to securely 

bind together the nodes of a VDE arrangement, secure processing of important 
transaction management executable code, and a combining of a small amount of highly 
secure, hardware protected storage space with a much larger "exposed" mass media 
storage space storing secured (normally encrypted and tagged) control and audit 
information. VDE employs special purpose hardware distributed throughout some or all 
locations of a VDE implementation: a) said hardware controlling important elements of: 
content preparation (such as causing such content to be byte offsets representing 



increments of logically related information. VDE supports as many simultaneous 
predefined increment types as may be practical for a given type of content and business 
model. 

) securely store at a user's site potentially highly detailed information reflective of a user's 
usage of a variety of different content segment types and employing both inexpensive 
"exposed" host mass storage for maintaining detailed information in the form of 

encrypted data and maintaining summary information for reporting information 

handling, may also be employed as one or more pathways for electronic payment 
handling (payment is characterized in the present invention as Administrative content) 
for electronic content and/or appliance usage. These pathways are used for conveyance 
of all or portions of content, and/or content related control information. Content creators 
and other providers can specify the pathways that, partially or fully, must be used to 
disseminate commercially distributed property content, content control information, 
payment administrative content, and/or associated usage reporting information. Control 
information specified by content providers may also specify which specific parties must 
or... ID, client network ID, client project ID, and client employee ID, or any appropriate 
subset of the above). 

) provide a general puipose, secure, component based content control and distribution 
system that functions as a foundation transaction operating system environment that 
employs executable code pieces crafted for transaction control and auditing. These code 

pieces can businesses. Templates are applications or application add-ons under the 

present invention. Templates support the efficient specification and/or manipulation of 
criteria related to specific content types, distribution approaches, pricing mechanisms, 
user interactions with content and/or administrative activities, and/or the like. Given the 

very large range of capabilities and configurations supported to that user, or a content 

or other business model can very substantially limit difficulties associated with content 
containerization (including placing initial control information on content), distribution, 
client administration, electronic agreement implementation, end-user interaction, and 
clearinghouse activities, including associated interoperability problems (such as conflicts 

resulting from security, operating system, and/or broad use, or for more focused 

activities. A given VDE participant may have a plurality of templates available for 
different tasks. A party that places content in its initial VDE container may have a 
variety of different, configurable templates depending on the type of content and/or 

business model related to the content. An and/or auditing of either the same specific 

copy of electronic information content and/or differently regulating different copies 
(occurrences) of the same electronic information content. Differing models for billing, 
auditing, and security can be applied to the same piece of electronic information content 

and such differing sets of control information organizations, to specify preferences or 

requirements related to their use of electronic content and/or appliances. Content users, 
such as end-user customers using commercially distributed content (games, information 
resources, software programs, etc.), can define, if allowed by senior control information, 

budgets, and/or other control information, to manage their own internal that has been 

certified as acceptable (e.g., reliable and trusted) for use with a specific VDE application, 
class of applications, and/or a VDE distributed arrangement. This modification 



(evolution) of control information can occur upon content control information (load 

modules and any associated data) circulating to one or more VDE establish, modify, 

and/or contribute to, permission, auditing, payment, and reporting control information 
related to controlling, analyzing, paying for, and/or reporting usage of, electronic content 
and/or appliances (for example, as related to usage of VDE controlled property content). 
Independently delivered (from an independent source which is independent except in... 
...received, for example, from a government agency. Content providers might be required 
by law to incorporate such control information into the control information for 
commercially distributed content and/or services related to appliance usage. Proposed 
control information is used to an extent allowed by senior control information and as 

determined by any models for the same content property and/or property portion. This 

allows, for example, for concurrent business activities which are dependent on electronic 
commercial product content distribution, such as acquiring detailed market survey 
information and/or supporting advertising, both of which can increase revenue and result 

in lower content costs to users and/or overall control models may be applied, as 

determined or allowed by control information, in differing manners to different 
participants in a pathway of content, reporting, payment, and/or related control 
information handling. VDE supports applying different content control information to the 
same and/or different content and/or appliance usage related activities, and/or to different 
parties in a content and/or appliance usage model, such that different parties (or classes of 
VDE users, for example) are subject to differing control information managing their use 
of electronic information content. For example, differing control models based on the 
category of a user as a distributor of a VDE controlled content object or an end-user... 
...enable a user to securely extract, through the use of the secure subsystem at the user's 
VDE installation, at least a portion of the content included within a VDE content 
container to produce a new, secure object (content container), such that the extracted 
information is maintained in a continually secure manner through the extraction process. 
Formation of the new VDE container containing such.. .present invention's trusted/secure, 
universe wide, distributed transaction control and administration system. These 
components support VDE related: object creation (including placing control information 
on content), secure object distribution and management (including distribution control 
information, financial related, and other usage analysis), client internal VDE activities 
administration and control, security management, user interfaces, payment 
disbursement, and clearinghouse related functions. These components are designed to 
support highly secure, uniform, consistent, and standardized: electronic commerce and/or 

data protected (at least in part encrypted) form through telecommunication of a VDE 

container to an appropriate party such as a clearinghouses, provider of original property 
content or appliance, or an agent for such provider (other than a clearinghouse). Payment 

information may be packaged in said VDE content container with, or without be 

encrypted as it leaves the repository. Fingerprinting would preferably take place as the 
content leaves the repository, but before the encryption step. 

Encrypted repository content can be decrypted, for example in a secure VDE sub-system, 
fingerprint information can be inserted, and then the content can be re-encrypted for 
transmission. Embedding identification information of the intended recipient user and/or 
VDE installation into content as it leaves, for example, an Internet repository, would 



provide important information that would identify or assist in identifying any party that 
managed to compromise the security of a VDE installation or the delivered content. If a 
party produces an authorized clear form copy of VDE controlled content, including 
making unauthorized copies of an authorized clear form copy, fingerprint information 

would point back to that individual and/or his or her VDE installation unencrypted 

form. This information would be useful in tracking who may have "broken" the security 
of a VDE installation and was illegally making certain electronic content available to 
others. 

Fingerprinting may provide additional, available information such as time and/or date of 
the release (for example extraction) of said content information. Locations for inserting 
fingerprints may be specified by VDE installation and/or content container control 
information. This information may specify that certain areas and/or precise locations 
within properties should be used for fingerprinting, such as one or actually used. 

) support both "translations" of VDE electronic agreements elements into modern 
language printed agreement elements (such as English language agreements) and 
translations of electronic rights protection/transaction management modern language 
agreement elements to electronic VDE agreement elements. This feature requires 
maintaining a library of textual language that corresponds to VDE load modules and... 
...distributor that failed to make payments and/or report usage information to a content 
provider might find that their budget for creating permissions records to distribute the 
content provider's content to users, and/or a security budget limiting one or more other 

aspect of their use of the provider's content, are not being refreshed to efficiently, 

concurrently support multiple financial currencies (e.g. dollars, marks, yen) and content 
related budgets, and/or billing increments as well as very flexible content distribution 
models. 

) support, complete, modular separation of the control structures related to (1) content 
event triggering, (2) auditing, (3) budgeting (including specifying no right of 
use. ..available remotely by telecommunication means). Required methods (methods listed 
as required for property and/or appliance use) must be available as specified if VDE 
controlled content (such as intellectual property distributed within a VDE content 
container) is to be used. Methods that control content may apply to a plurality of VDE 

container objects, such as a class or other grouping the present invention is that 

creators, distributors, and users of content can select from among a set of predefined 
methods (if available) to control container content usage and distribution functions 
and/or they may have the right to provide new customized methods to control at least 

certain usage functions (such "new" methods may be or she will allow to be reported 

and/or a financial clearinghouse establishing certain criteria for use of its credit for 
payment for use of distributed content) can be confident that their contributed and 
accepted control information will be enforced (within the security limitations of a given 

VDE security implementation design). This the various underlying agreements 

between parties that comprise this extended agreement. These agreements can define 
important electronic commerce considerations including: 



1. (1) security, 

2. (2) content use control, including electronic distribution, 

3. (3) privacy (regarding, for example, information concerning parties described by 
medical, credit, tax, personal, and/or of other forms of confidential information), 

4. (4 many examples of transactions that can be supported by virtual distribution 

environment 100 include: 

C home banking and electronic payments; 

C electronic legal contracts; 

C distribution of "content" such as electronic printed matter, video, audio, images and 
computer programs; and 

C secure communication of private information such as medical records and financial 

information and distributors. For example, in the past, information was distributed on 

records or disks that were difficult to copy. In the past, private or secret content was 
distributed in sealed envelopes or locked briefcases delivered by courier. To ensure 
appropriate compensation, consumers received goods and services only after they handed 
cash over to a seller. Although information utility 200 may deliver information by 
transferring physical "things" such as electronic storage media, the virtual distribution 
environment 100 facilitates a completely electronic "chain of handling and control." 

VDE Flexibility Supports Transactions 

Information utility 200 flexibly supports many different kinds of information 1 also 

shows a publishing house 214. Publishing house 214 may act as a distributor for an 
author 206. The publishing house 214 may distribute rights to use "content" (such as 
computer software, electronic newspapers, the video produced by publishing house 214, 

audio, or any other data) to consumers such as office 210. The from the content they 

apply to provides great advantages. 

Use rights distributed by publishing house 214 may, for example, permit office 210 to 
make and distribute copies of the content to its employees. Office 210 may act as a 
redistributor by extending a "chain of handling and control" to its employees. The office 
210 may virtual distribution environment 100. The electronic storage media may be used 
to distribute content, "rules and controls," or other information. 

Example of What's Inside Information Utility 200 

"Information utility" 200 in Figure 1 can 100 operating properly. A content and 

message storage 200g may store information for use by participants within or outside of 
information utility 200. 



Example of Distributing Content" Using A Chain of Handling and Control" 

As explained above, virtual distribution environment 100 can be used to manage almost 
any sort of transaction. One type of important transaction that virtual distribution 
environment 100 may be used to manage is the distribution or communication of 
"content" or other important information. Figure 2 more abstractly shows a "model" of 
how the Figure 1 virtual distribution environment 100 may be used to provide a "chain of 
handling and control" for distributing content. Each of the blocks in Figure 2 may 
correspond to one or more of the VDE participants shown in Figure 2 example, a VDE 
content creator 102 creates "content." The content creator 102 may also specify "rules 
and controls" for distributing the content. These distribution-related "rules and 
controls" can specify who has permission to distribute the rights to use content, and how 
many users are allowed to use the content. 

Arrow 104 shows the content creator 102 sending the "rules and controls" associated with 

the an electronic highway 108 (or by some other path such as an optical disk sent by a 

delivery service such as U. S. mail). The content can be distributed over the same or 
different path used to send the "rules and controls." The distributor 106 generates her 

own "rules and controls" that relate to These usage-related "rules and controls" must 

be consistent with the "rules and controls" specified by content creator 102. 

Arrow 110 shows the distributor 106 distributing rights to use the content by sending 
the content's "rules and controls" to a content user 1 12 such as a consumer. The content 

user 1 12 uses the content in or they may be Different people. For example, a musical 

performing group may act as both content creator 102 and distributor 106 by creating and 
distributing its own musical recordings. As another example, a publishing house may 
act as a distributor 106 to distribute rights to use works created by an author content 
creator 102. Content creators 102 may use a distributor 106 to efficiently manage the 
financial end of content distribution. 

The "financial clearinghouse" 1 16 shown in Figure 2 may also be a "VDE administrator." 

Financial clearinghouse 1 16 in its VDE administrator is revealed to allows the 

privacy rights of all VDE participants to be protected. 

Rules and Contents" Can Be Separately Delivered 

As mentioned above, virtual distribution environment 100 "associates" content with 
corresponding "rules and controls," and prevents the content from being used or accessed 
unless a set of corresponding "rules and controls" is available. The distributor 106 doesn't 
need to deliver content to control the content's distribution. The preferred embodiment 
can securely protect content by protecting corresponding, usage enabling "rules and 
controls" against unauthorized distribution and use. 

In some examples, "rules and controls" may travel with the content they apply to. Virtual 
distribution environment 100 also allows "rules and controls" to be delivered separately 
from content. Since no one can use or access protected content without "permission" 



from 808 specifies the rights associated with the object 300 such as, for example, who 

can open the container 302, who can use the object's contents, who can distribute the 
object, and what other control mechanisms must be active. For example, permissions 
record 808 may specify a user's rights to use, distribute and printer 622; 

broadcast reception 624; 

a document scanner 626; and 

a "cable" 628 connecting the appliances with a "network." 

Virtual distribution environment 100 provides a "rights operating system" 602 that 
manages appliance 600 and SPU 500 by controlling their hardware resources. The 
operating system 602 may also support at least one "application" 608. Generally, 
"application" 608. ..control path that uses content creator structures to meter user 
activities; and structures created/owned by a financial provider to handle financial parts 
of a content distribution transaction (e.g., defining a credit budget that must be present 
in a control structure to establish creditworthiness, audit processes which must be 
performed by.. .more keys to fragmented or seemingly random pieces of content 
contained in an object 300, database, or other information entity. 

Many objects 300 that are distributed by physical media and/or by "out of channel" 
means (e.g., redistributed after receipt by a customer to another customer) might not 
include key blocks 810 in... or a usable copy of it to a friend would normally be free to do 
so. Traveling Objects have great potential commercial significance, since useful content 
could be primarily distributed by users and through bulletin boards, which would require 
little or no distribution overhead apart from registration with the "original" content 

provider and/or clearinghouse key, giving a cryptoanalyst both more information in 

cyphertext to analyze and a greater incentive to perform cryptoanalysis. 

In the case of a "traveling object," content owners may distribute information with some 
or all of the key blocks 810 include in the object 300 in which the content is 

encapsulated. Putting keys in distributed e.g. summary form, or by actual deletion); 

add or update permissions records 808 for previously registered objects; add or update 
budget records; add or update user rights records; and add or update load modules. 

In the preferred embodiment, an administrative object may be sent, for example, by a 
distributor, client administrators, or, perhaps, a clearinghouse or other... and compactness. 
SPU 500 and platform providers may provide versions of the standard load modules 1 100 
in order to make their products cooperate with the content in distribution mechanisms 
contemplated by VDE 100. The preferred embodiment creates and uses native mode load 
modules 1100 in lieu of an interpreted or "p-code" solution... 
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Detailed Description: 



...ENVIRONMENT AND METHOD THEREOF 
FIELD OF THE INVENTION 

The present invention relates to managing e-Commerce-based network assets and more 
particularly to network asset management in a network-based supply chain environment. 

to 

BACKGROUND OF THE INVENTION 

The ability to quickly, easily and efficiently communicate has always been a critical... 
...telephone switches, central offices, key and hybrid telephone systems (small 
telecommunications switches), call accounting systems, voice messaging systems, 
computer telephony interface (CTI) devices, automatic call distribution (ACD) devices, 
internet servers, etc., the demand for and installation of these systems has continued to 

expand. Often, a vast number of sites have layered surveying users as to their desires 

and preferences so that these can be accurately reflected through programming of the 
equipment. This is typically done by distributing a questionnaire to each user to receive 
information sufficient to allow the equipment to be properly configured. Thus, not only is 
there a substantial time. ..application services in accordance with one embodiment of the 
present 
invention; 

Figure 69 is a flowchart illustrating a profile management service of the customer 
relationship management-related web application services in accordance with one 
embodiment of the present 
invention; 

Figure 70 is a flowchart illustrating the content management and publishing- 
related... illustrative embodiment of the present invention, benefits for the service provider 
under the Maintenance and Service component may include: better on-line network 
performance, and distribution facility rationalization. Benefits for the manufacturer 
under the Maintenance and Service component may include: duplication reduction, and 
distribution facility rationalization. 

Figure 5 is a schematic... impossible to locate individual DS 1 or DSO channels within a 
DS3 bit stream. To extract a single channel, a DS3 signal would need to first be 
demultiplexed through M 1 3 components into twenty-eight DS 1 s before the channels 
could be switched or rearranged. As a result, the.. .home monitoring and control networks, 
and one or more wide band distribution networks interconnecting home monitoring and 



control networks and the central computer facility. The distribution networks connect to 
one or more central computer systems through substation gateways via high-speed digital 
lines. 

The home monitoring and control network is located 0 consumption to the power 

utility via the distribution network. Further, the home network permits automatic meter 
reading and remote service disconnect and reconnect. 

The distribution network includes a wire-based (hybrid fiber/coaxial cable) distribution 
system and an intelligent utility unit (IUU), which interfaces with the home network. The 
FJU... three tiered support structure is optimal for satisfying customer service needs. Each 
tier, or level, possesses an increasing level of skill, with tasks and responsibilities 
distributed accordingly. Such a structure is as follows. 

52 

Tier 1 - typically has a broad set of technical skills and is the first level of support... 

...Management Planning 

Managing Change Planning 

Strategic Planning 

54 

Managing Change 

Includes processes and procedures for handling necessary changes to systems or the 
organization in a distributed environment. 

Change Control 
Testing 
Implementing 
Software Distribution 
Operations Management 

Systems Management consists of the day-to-day operational functions required to 
maintain the system (e.. .billing in the present invention is increased because the hybrid 
network also contains proxy intelligence. 

Figure 13 shows a block diagram of the Network Data Management 1300 in accordance 
with a preferred embodiment of the present invention. Network Data Management 1300 
encompasses the collection of usage data and events for the purpose of network 
performance and traffic analysis. This data may also be an input to Billing (Rating and 
Discounting) processes at the Service Management Layer, depending on the service and 
its architecture. 

The process provides sufficient and relevant information to verify compliance/ non- 
compliance to Service Level Agreements (SLA performance degradation). This also 

includes thresholds and specific requirements for billing. 

69 

This includes information on capacity, utilization, traffic and usage collection, In some 



cases, changes in traffic conditions may trigger changes to the network for the purpose 
of traffic control. Reduced levels of network capacity can result in requests to Network 
Planning for more resources. 

Figure network. 

Further, in step 1406, billing rates and discounts are determined based on the status of the 
hybrid network. 

In addition to the Network Data Management 1300 generating billing events, the present 
invention also uses a Customer Interface Management process 132, as shown in Figure 

15, to directly interact with customers aim is to provide meaningful and timely 

customer contact 

experiences as frequently as the customer requires. 

Figure 16 is a flowchart illustrating a Customer Interface Management Process in 
accordance with a preferred embodiment. First, in step 1600, a service level agreement is 

received for a hybrid network customer. Next, in step to the hybrid network. 

Thereafter, in step 1606, events are generated based on the customer inquiries 
70 

and the service level agreement. 

The Network Data Management 1300 and Customer Interface Management 
process 1500 are used to give information to the Customer Quality of Service 
Management Process 1302, as shown in Figure 17. The Customer Quality of 
Service Management Process 1302 encompasses monitoring, managing and 

reporting of quality of service as to manage service levels that meet specific SLA 

commitments and standard service zo commitments. 

Figure 18 is a flowchart illustrating a Customer Quality of Service Management Process 
in accordance with a preferred embodiment. First, in step 1800, a hybrid network event is 

received which may include customer inquiries, required reports, completion and, in 

step 1804, generates the customer reports accordingly based on the event received. 

71 

Figure 19 shows a block diagram of the Service Quality Management 1304 in 
accordance with a preferred embodiment of the present invention. The Service Quality 
Management Process 1304 supports monitoring service or product quality on a... 
...provide effective service specific monitoring, management and customers meaningftil 
and timely performance information across the parameters of the specific service. 

The aim is also to manage service levels to meet SLA commitments and standard 
commitments for the specific service. 

1 5 

Figure 20 is a flowchart illustrating a Service Quality Management the quality 



management network data is 

generated. Such quality management network data may include constraint data, capacity 
data, service class quality data, service modification recommendations, additional 
capacity requirements, performance requests, and/or usage requests. 

Finally, in step 2006, a network process to which to send the generated data is identified. 

Figure 21 shows a block diagram of the Problem Handling Process 1502. The Problem 
Handling Process receives information from the Customer Interface Management 
Process 1500 and the Customer Quality of service Management Process 1302. It is 
responsible for receiving service complaints from customers, resolve them to the 

customer reported by the customer or not), 

resolving the problem to the customer's satisfaction, and 
providing meaningful status on repair or restoration activity. 

This proactive management also includes planned maintenance outages. The 
aim is to have the largest percentage of problems proactively identified and 

communicated to the customer, to provide meaningful outage notification. Finally, in 

step 2204, the progress of the 
implementation of the resolution is tracked. 

The Problem Handling Process 1502 and the Network Data Management 1300 feed 
information to the Rating and Discounting Process 1306, as shown in Figure 23. This 

process applies the correct rating rules to usage data usage and to correctly apply 

discounts, promotions and credits. 

Figure 24 is a flowchart illustrating Rating and Discounting Process in accordance with a 
preferred embodiment. First, in step 2400, hybrid network customer usage information is 
received. In step 2402, network service level agreement violations are collected, and, in 
step 
73 

, network... to provide universal information access by an object request broker. The 
object request broker allows the Information Services Manager to share management 
information stored in distributed databases. The Proactive Threshold Manager uses the 
infori-nation provided by the Information Services Manger to determine a current level of 
service and compare the violating SLAs. 

115 

Element Management 

As discussed above, the element manager works with the Information Services 

Manager and the Presentation Manager to assist in the management of the 

hybrid network system. The three components are briefly described below to provide 

context for the detailed discussion of the element manager that follows to provide 

ubiquitous infori-nation access via an object request broker (ORB). The ORB allows the 
information services manager to share management information stored in distributed 
databases. 



The information services manager stores critical management infori-nation into 
operational (real-time) and analytical (historical) distributed databases. These databases 
'de common data storage... with capability parameter data to reflect the elements of one or 
more express electronic agreements between WAY participants in regards to the use of 
electronic content such as commercially distributed products. These control capabilities 
manage the use of, and/or auditing of use of, electronic content, as well as reporting 

information based upon content use one or more successive parties who receive or 

otherwise contribute to a given set of control information. Frequently, for a WAF 
application for a given content model (such as distribution of entertainment on CD- 
ROM, content delivery from an Internet repository, or electronic catalog shopping and 
advertising, or some combination of the above) participants would... nature of the WAFF 
capabilities that will and/or may apply to certain electronic information. A WAF content 
container is an object that contains both content (for example, commercially distributed 
electronic information products such as computer software programs, movies, electronic 
publications or reference materials, etc.) and certain control information related to the use 

of the make a WAF container available to other parties. Control information delivered 

by, and/or otherwise available for use with, WAF content containers comprise (for 
commercial content distribution puiposes) WAFF control capabilities (and any 
associated parameter data) for electronic content. These capabilities may constitute one or 

more "proposed" electronic agreements (and/or agreement more WAFF capabilities 

may be present at a WAF installation, and certain WAY agreements may have been 
entered into during the registration process for a content distribution application, to be 
used by such installation for securely controlling WAF content usage, auditing, reporting 
and/or payment. Similarly, a specific WAF participant may enter... to formulate their 
transaction environment to accommodate. 

(1) desired content models, content control models., and content usage 
information pathways, 

(2) a complete range of electronic media and distribution means, 

(3) a broad range of pricing, payment, and auditing strategies, 

(4) very flexible privacy and/or reporting models, 
141 

(5) practical and effective security steps (1) through (5) can 

enable most "real world" electronic commerce and data security models, 
including models unique to the electronic world. 

WAF's transaction management capabilities can enforce. 

(1) privacy rights of users related to information regarding their usage of 
electronic information and/or appliances, 

(2) societal policy such as laws that protect rights of content... can further comprise the 
step of the host computer detecting an inventory level threshold below which inventory 
of the article is to be restocked. 



ELECTRONIC LICENSE DISTRIBUTION AND MANAGEMENT 



Tracks user license entitlements 

Creates an electronic license entry on backend systems 

Sends electronic license to user 

As shown in Figure 64, a method, system, and article of may even be prevented from 

utilizing the software until the license agreement is generated. 

Most software vendors currently favor licensing as the preferred method of distributing 

software. Licensing software provides the vendor with a certain 

amount of control over the distributed software which may be used to the 

vendor's advantage... has been made and the license obtained, the user cannot read the 

license terms prior to the request. In addition, this system lacks flexibility. To change the 

licensing terms, the code in the application must be revised. 

Recently, generation and sales of software programs have become significant businesses 

both for companies which are of the program to specified time periods. A problem 

arises particularly in digital data processing systems which have multiple users and/or 
multiple processors, namely, managing use of licensed software to ensure that the use is 
within the terms of the license, that is, to ensure that the software is only used on 
identified. ..to support the various underlying agreements between parties that comprise 
this extended agreement. These agreements can define important electronic commerce 
considerations including. 

(1) security, 

(2) content use control, including electronic distribution, 

(3) privacy (regarding, for example, information concerning parties described by medical, 
credit, 

tax, personal, and/or of other forms of confidential information), 

(4) management of... 
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Detailed Description: 



...flowchart illustrating a Customer Interface Management Process in accordance 
with a preferred embodiment; 



Figure 17 shows a block diagram of the Customer Quality of Service Management 
Process in 

accordance with a preferred embodiment; 

Figure 18 is a flowchart illustrating a Customer Quality of Service Management Process 
in 

accordance with a preferred... architecture in an online advertising scenario; Figure 1 15 
depicts a sample architecture providing direct network access to several of customers in 
order to share specifications, distribute engineering designs, and collaborate on works in 
progress; 

Figure 116 depicts another exemplary Security Architecture in the scenario of Figure I 1 
5... benefits for the manufacturer under the Demand and Supply Planning component in 
this illustrative embodiment of the present invention may include the following. 

duplication reduction, distribution facility rationalization, reduced inventories, and 
manufacturing capacity utilization. 

With regards to the Order Management component for this illustrative embodiment, 
benefits for the service provider may... home monitoring and control networks, and one or 
more wide band distribution networks interconnecting home monitoring and control 
networks and the central computer facility. The distribution networks connect to one or 
more central computer systems through substation gateways via high-speed digital lines. 

The home monitoring and control network is located RJU controls, communicates, 

and configures devices within the home network, and communicates information from 
the home network back to the utility central computer via the distribution system. The 
distribution network is configured in cells or small hubs which support 250-2,000 users 
at a time. 

35 

The utility central computer includes a T... operational (real-time) and analytical 
(historical) distributed databases. These databases 'de common data storage so that new 
products can be easily inserted into the 
provi 

management environment. For example, if an event is received at an element manager 
that is deemed critical to display to a network user, the information services. ..and 
correlations across multiple dimensions. Build models of the behavior of the data in order 
to predict future growth or problems and facilitate 1 0 managing the network in a 
proactive, yet cost-effective manner. 

Customer to Event Mapping Module - Add-on module to the Managed Networked 
Services Integrated Solution which maps network element events, to service offerings, to 
customers. This tool allows the Customer Service Representative to proactively address 1 
5 network outages with customers. 

Process Definitions and Functions 
Service Planning 



Service Planning includes both the strategic and tactical planning required to manage 
distributed environments effectively. Although most planning typically occurs during 
rollout of the system, certain planning activities must otherwise take place. Service 
Planning ensures that change can be successfully controlled and implemented. 

Service Management Planning 
Operations Management Planning 
Managing Change Planning 
Strategic Planning 
Managing Change 
53 

in a distributed environment. 

Change Control 
Testing 
Implementing 
Software Distribution 
Operations Management 

Systems Management consists of the day-to-day operational functions required to 
maintain the system (e.g. fault detection / correction, security management and 
performance management). 

Production Control 
Monitoring and Control 
Fault Management 
Security Management 
Service Management 

Service Management controls the overall service to the users of the system. It 
isolates... improved to deliver higher resolution digital media over the cable infrastructure 
using NGN and CORE delivery mechanisms. The network becomes transparent and the 
applications and content drive the creativity of the service creation process. The PSTN 
like services will be delivered to devices connected via cable access just like they are... of 
service violations and rebates due to service level agreement violations, is collected and 
processed. Thereafter, in step 2604, customer account invoices are created for 
distribution based on the customer payment information and the billing data. 

Mediation and activity tracking are provided by the event logger and event 
manager. The event... switch determines if the originating trunk group type is an 
Integrated Services User Parts Direct Access Line (ISUP DAL) or an Integrated Services 
Digital Network Primary Rate Interface (ISDN PRI). ISUP is a signaling protocol which 
allows information to be sent from switch to switch as infori-nation parameters. An 
ISUP... manager to share management infori-nation stored in distributed databases. 

The information services manager stores critical management information into 
operational (real-time) and analytical (historical) distributed databases. These databases 
provide common data storage so that new products can be easily inserted into the 



management environment. For example, if an event is.. .and a 

microphone. Utilizing a multimedia equipped computer allows a user to use telephonic 
communication with little or no disruption while interfacing with the Internet. 
Multimedia computer speakers are used to receive the telephony audio from the network 
and the microphone is used to transmit the telephony data to the network... with capability 
parameter data to reflect the elements of one or more express electronic agreements 
between WAF participants in regards to the use of electronic content such as 
commercially distributed products. These control capabilities manage the use of, and/or 
auditing of use of, electronic content, as well as reporting information based upon content 

use one or more successive parties who receive or otherwise contribute to a given set 

of control information. Frequently, for a WAF application for a given content model 
(such as distribution of entertainment on CD-ROM, content delivery from an Internet 
repository, or electronic catalog shopping and advertising, or some combination of the 

above) participants would nature of the WAFF capabilities that will and/or may apply 

to certain electronic information. A WAT content container is an object that contains both 
content (for example, commercially distributed electronic information products such as 
computer software programs, movies, electronic publications or reference materials, etc.) 

and certain control information related to the use of the a WAF container available to 

other parties. Control infort-nation delivered by, and/or otherwise available for use with, 
WAF content containers comprise (for commercial content distribution purposes) 
WAFF control capabilities (and any associated parameter data) for electronic content. 
These capabilities may constitute one or more "proposed" electronic agreements (and/or 

agreement more WAFF capabilities may be present at a WAF installation, and certain 

WAF agreements may have been entered into during the registration process for a 
content distribution application, to be used by such installation for securely controlling 
WAF content usage, auditing, reporting and/or payment. Similarly, a specific WAF 

participant may enter in order to pay for user use of the content. A certain content 

provider might, for example, require metering the number of copies made for 
distribution to employees of a given software program (a portion of the program might 

be maintained in encrypted form and require the presence of a WAF to formulate 

their transaction environment to accommodate. 

(1) desired content models, content control models, and content usage 
information pathways, 

(2) a complete range of electronic media and distribution means, 

(3) a broad range of pricing, payment, and auditing strategies, 

(4) very flexible privacy and/or reporting models, 

(5) practical and effective security architectures with steps (1) through (5) can 

enable most "real world" electronic commerce and data security models, 
including models unique to the electronic world. 

WAFIs transaction management capabilities can enforce. 

(1) privacy rights of users related to information regarding their usage of 

electronic information and/or appliances, 

137 



(2) societal policy such as laws that protect rights of content users or require the 
collection of taxes derived from electronic transaction revenue, and 

(3) the proprietary and/or other rights of parties related to ownership of, distribution of, 
and/or other commercial rights related to, electronic information. 

WAF can support "real" commerce in an electronic form, that is the progressive 
creation of commercial relationships that form, over time... content and/or business 
model. For example, WAF allows content creators to use the same WAF foundation 
control arrangement for both content authoring and for licensing content from other 
content creators for inclusion into their products or for other use. Clearinghouses, 
distributors, content creators, and other WAF users can all interact... can further comprise 
the step of the host computer detecting an inventory level threshold below which 
inventory of the article is to be restocked. 

ELECTRONIC LICENSE DISTRIBUTION AND MANAGEMENT 

Tracks user license entitlements 

Creates an electronic license entry on backend systems 

Sends ...has been made and the license obtained, the user cannot read the license terms 
prior to the request. In addition, this system lacks flexibility. To change the licensing 
terms, the code in the application must be revised. 

Recently, generation and sales of software programs have become significant businesses 

both for companies which are of the program to specified time periods. A problem 

arises particularly in digital data processing systems which have multiple users and/or 
multiple processors, namely, managing use of licensed software to ensure that the use is 
within the terms of the license, that is, to ensure that the software is only used on 
identified... still (from the point of view of the licensor) might actually permit such a 
usage without additional compensation to the licensor. One approach to network 
licensing is to grant permission to use the program based on all of the nodes on the 
network, and to require a license for each node.. .at a given time. These approaches, 
however, have usually required the cooperation of the licensee, because additional nodes 
may be added to the network, or additional users may utilize the software, without the 
knowledge of the licensor, who is typically not present on the premises of the licensee. 

The licensor may to charge a license fee based on the maximum number of nodes that 

are permitted to use the software product concurrently. 

This is called "concurrent licensing". In these environments, a computer 

program, acting as "librarian" and running on a computer node designated as a license 

server, is typically used to distribute 10, product on a requesting node, the node can 

be denied, at such time, access to invoke the software product. 

Examples of software-based concurrent licensing arrangements may be found in Unix 
applications running in connection with software products sold under the trademarks 

NetLS (available from Gradient Technologies, Inc., 577 Main to support the various 

underlying agreements between parties that comprise this extended agreement. These 
agreements can define important electronic commerce considerations including. 



(1) security, 

(2) content use control, including electronic distribution, 

(3) privacy (regarding, for example, information concerning parties described by medical, 
credit, 

tax, personal, and/or of other forms of confidential information), 

(4) management of... 



10/K/10 (Item 3 from file: 349) 

DIALOG(R)File 349: PCT FULLTEXT 

(c) 2009 WIPO/Thomson. All rights reserved. 



I Country Number jKind Date I 
Detailed Description: 

...Key Performance hidicators etc. to assess the success of the market trial. 
Service Launch 

Develop, plan and manage the detailed network, systems, process and program 
management aspects of the launch of a "New Core" that is applicable for the network 

based on the strategy developed above. This ensures that the network systems are be 

able to support the processes required for service creation and management in the "New 
Core". The network creation processes provides the program management tools to 
ensure that the launch is successfully executed. 
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These include entry and exit criteria for network creation, KPIs for quality management, 
program planning and management tool-kits. 

Service Consolidation and Optimization 

As the network operator moves into operating and maintaining the "NGN", there will be 

many parallel market driven journeys creation process provides tools to assist the 

client into improving efficiencies of these parallel journeys. These optimization efforts 
will include organizational, process and technology driven changes to create efficiency 
based on consolidation of processes, as well as measurement tools to determine the 
success of such consolidation. The network architecture roadmap and... intelligence. 

Figure 13 shows a block diagram of the Network Data Management 1300 in accordance 
with a preferred embodiment of the present invention. Network Data Management 1300 
encompasses the collection of usage data and events for the purpose of network 



performance and traffic analysis. This data may also be an input performance 

degradation). This also includes thresholds and specific requirements for billing. 
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This includes information on capacity, utilization, traffic and usage collection. 

In some cases, changes in traffic conditions may trigger changes to the network for the 
purpose of traffic control. Reduced levels of network capacity can result in requests to 
Network Planning for more resources. 

Figure 14 is a flowchart illustrating a network data management process in accordance 
with a preferred embodiment. First, in step 1400, data is collected relating to usage and 
events occurring over a hybrid network. Next, in step 1402, the data is analyzed to 
determine a status of the hybrid network which in turn, in step 1404, is utilized during 
management of the hybrid network. 

Further, in step 1406, billing rates and discounts are determined based on the status of the 
hybrid network. 

In addition to and, in step 1804, generates the customer reports accordingly based on 

the event received. 
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Figure 19 shows a block diagram of the Service Quality Management 1304 in 
accordance with a preferred embodiment of the present invention. The Service Quality 
Management Process 1304 supports monitoring service or product quality on a service 
class basis in order to determine. 

Whether service levels are being met consistently 
Whether... data is identified. 

Figure 21 shows a block diagram of the Problem Handling Process 1502. The Problem 
Handling Process receives information from the Customer Interface Management 
Process 1500 and the Customer Quality of service Management Process 1302. It is 
responsible for receiving service complaints from customers, resolve them to the 
customer's satisfaction and provide meaningful 
73 

status on repair provider in a professional and customer supportive manner. 

Figure 26 is a flowchart illustrating an Invoice and Collections Process in accordance 
with a preferred embodiment. First, in step 2600, customer account inquiries and 
customer payment information is received by the system. Next, in step 2602, billing data, 

including discounts due to of service violations and rebates due to service level 

agreement violations, is collected and processed. Thereafter, in step 2604, customer 
account invoices are created for distribution based on the customer payment infori- 
nation and the billing data. 



Mediation and activity tracking are provided by the event logger and event 
manager. The... utilizes the information from the Discounting Process 1306 to create 
customer billing information. 
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To better understand the invention, it is useful to describe some additional terminology 
relating to a telecommunication network. A telephone call comes into a switch on a 
transmission line referred to as the originating port, or trunk.. .includes a computer usable 
storage medium having therein stored computer software and/or data. 
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Computer programs (also called computer control logic) are stored in main memory 2804 
and/or the secondary memory 2806. Such computer programs, when executed, enable the 
computer system 2800 to perform the functions of the present... appropriate network, not 
necessarily the appropriate end user. Therefore, routers do not need to be huge 
supercomputing systems and are often 'ust machines with small main memories and little 
disk storage. The distinction between gateways and routers is slight, and current usage 
blurs the line to the extent that the two... then the callback subscriber is prompted to select 
another time or denied access to the resources for that time. 

This is utilized to predict when additional ports and/or resources are required. 

Fault Management 

The NGN operations architecture specifies the points of insertion and collections for 
network wide events that feed.. .to provide universal information access by an object 
request broker. The object request broker allows the Information Services Manager to 
share management information stored in distributed databases. The Proactive Threshold 
Manager uses the information provided by the Information Services Manger to determine 

a current level of service and compare the current provide ubiquitous infon-nation 

access via an object request broker (ORB). The ORB allows the infon-nation services 
manager to share management information stored in distributed databases. 

The information services manager stores critical management information into 
operational (real-time) and analytical (historical) distributed databases. These databases 
provide common data storage so... with capability parameter data to reflect the elements 
of one or more express electronic agreements between WAF participants in regards to the 
use of electronic content such as commercially distributed products. These control 
capabilities manage the use of, and/or auditing of use of, electronic content, as well as 

reporting information based upon content use one or more successive parties who 

receive or otherwise contribute to a given set of control information. Frequently, for a 
WAF application for a given content model (such as distribution of entertainment on 
CD-ROM, content delivery from an Internet repository, or electronic catalog shopping 

and advertising, or some combination of the above) participants would nature of the 

WAFF capabilities that will and/or may apply to certain electronic information. A WAF 
content container is an object that contains both content (for example, commercially 



distributed electronic information products such as computer software programs, 
movies, electronic publications or reference materials, etc.) and certain control 

information related to the use of the a WAF container available to other parties. 

Control infori-nation delivered by, and/or otherwise available for use with, WAF content 
containers comprise (for commercial content distribution purposes) WAFF control 
capabilities (and any associated parameter data) for electronic content. These capabilities 
may constitute one or more "proposed" electronic agreements (and/or agreement... more 
WAFF capabilities may be present at a WAF installation, and certain WAF agreements 
may have been entered into during the registration process for a content distribution 
application, to be used by such installation for securely controlling WAF content usage, 
auditing, reporting and/or payment. Similarly, a specific WAT participant may enter... 
...to formulate their transaction environment to accommodate. 

(1) desired content models, content control models, and content usage 
information pathways, 

(2) a complete range of electronic media and distribution means, 

(3) a broad range of pricing, payment, and auditing strategies, 

(4) very flexible privacy and/or reporting models, 
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(5) practical and effective security steps (1) through (5) can 

enable most "real world" electronic commerce and data security models, 
including models unique to the electronic world. 

WAF's transaction management capabilities can enforce. 

(1) privacy rights of users related to information regarding their usage of 
electronic information and/or appliances, 

(2) societal policy such as laws that protect rights of content users or require the 
collection of taxes derived from electronic transaction revenue, and 

(3) the proprietary and/or other rights of parties related confusion and expense and 

other inefficiencies of 

different, limited purpose transaction control applications for each different content 
and/or business model. For example, WAF allows content creators to use the same WAF 
foundation control arrangement for both content authoring and for licensing content from 
other content creators for inclusion into their.. .can further comprise the step of the host 
computer detecting an inventory level threshold below which inventory of the article is to 
be restocked. 

ELECTRONIC LICENSE DISTRIBUTION AND MANAGEMENT 
Tracks user license entitlements 

Creates an electronic license eiritry on backend systems 
Sends electronic license to user 

As shown in Figure 64, a method, system, and article of... code embedded in the 
application to establish the licensing attributes. Code is placed in the application which 
interprets information received from the server to establish licensing parameters. Because 
the behavior of the license is not established until after the request has been made and the 



license obtained, the user cannot read the license terms prior to the request, hi addition, 
this system lacks flexibility. To change the licensing terms, the code in the application 
must be revised. 

Recently, generation and sales of software programs have become significant businesses 

both for companies which are of the program to specified time periods. A problem 

arises particularly in digital data processing systems which have multiple users and/or 
multiple processors, namely, managing use of licensed software to ensure that the use is 
within the terms of the license, that is, to ensure that the software is only used on 
identified... If many of the end users at a company intend to use the software, for example, 
then a site license may be the most appropriate distribution system because it may be the 
low-cost option. If the software only will be used by a few workers, however, then a 
CPU-locked distribution system may be more appropriate. The trade-off point is 
determined by the relative pricing between the two distribution systems. 

For environments where many users need the software but only spend a portion of their 

time using it, neither a dedicated CPU-locked license only one central processing unit 

(CPU) in connection with operation of the software product. 

Although many such licenses are for indefinite periods of time, a license may also be for 
a limited duration and extendable, so that the entity marketing the product can charge a 

periodic fee (for example, annually) for product running at another node (which may 

be the network server or even another workstation). 

Consequently, the terms of the single-computer type of software license might not cover 
the usage of the software product on the network, or worse still (from the point of view of 
the licensor) might actually. ..to support the various underlying agreements between 
parties that comprise this extended agreement. These agreements can define important 
electronic commerce considerations including. 

(1) security, 

(2) content use control, including electronic distribution, 

(3) privacy (regarding, for example, information concerning parties described by medical, 
credit, 

tax, personal, and/or of other forins of confidential information), 

(4) management of.. .or currency usage and administration capabilities, (d) privacy 
protection for usage infori-nation a user does not wish to release, and (e) "living" 
electronic information content dissemination models that flexibly accommodate. 

190 

(1) a breadth of participants, 

(2) one or more pathways (chains) for: the handling of content, content and/or... 
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Detailed Description: 



...for successful use. 

Client server applications can provide response times necessary to support transaction 
intensive mission critical systems. Application logic and business data can be distributed 
between the client and server for optimal efficiency. Web-based interfaces still have an 
inherent overhead due to the connectionless communication and constant downloading 
of... application environment. 

Allows rapid development "out-of-the-box" 

Decreased communication overhead because of a direct connection (for a small number 
of users) 

Allows the distribution of the program's logic (application, presentation, data 
management) 

Limitations of Two-Tiered Architecture 
64 

The use of two-tier tools has resulted in a. ..consist of heavy data entry, transaction 
processing, or a large user base. 

How much does the tool cost? 

Product components, maintenance agreements, upgrades, run-time licenses, and add-on 
packages should be considered. 

Does the product integrate with other tools and/or support other tools in the development 
and execution environments... number of enhancements for extending Web technology 
come under scrutiny by Internet standards groups. These enhancements will ultimately 
push the Web into the realms of distributed document processing and interactive 
multimedia. 

SGML: in the beginning... 

Although the World Wide Web was not created until the early 1990s, the language 
behind it dates back to the genesis. ..apply to record oriented data. A document is defined 
as a collection of objects potentially of different types (e.g., structured data, unstructured 
data, images, multimedia) a business user deals with. An individual document might be a 
table created using a spreadsheet package such as Microsoft Excel, a report created 



using. ..while waiting for a response to a request. 



What's the clients position on DCE? 
133 

DCE software, developed by Open Systems Foundation (OSF), is licensed to OSF- 
member companies to form products that provide common services. The RPC is one of 
several DCE common services. Some clients may desire to... middleware technology 
based on an event-driven publish/subscribe model for information distribution. 
Developed and patented by TIIBCO, the event-driven, publish/subscribe strategy allows 
content to be distributed on an event basis as it, becomes available. Subscribers receive 
content according to topics of interest that are specified once by the subscriber, instead 
of... with the server. 

IMAP4 includes standards for message handling features that allow users to download 
message header information and then decide which e-mail message contents to 
download. 

Implementation considerations 

A number of E-mail servers from vendors including B:P and Netscape are built around 
SMTP, and most proprietary protocol. ..needs of their users. Forming a common pattern 
language for conveying the structures and mechanisms of architectures allows us to 
intelligibly reason about them. The primary focus is not so much on technology as it is 
on creating a culture to document and support sound engineering architecture and design. 

What is... 
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Detailed Description: 

...above, are arranged for display in operation 62. Examples of primary components 
shown in Figure IL include "Security Services", "Commerce", and "Data Services". 
Preferably, the primary components are grouped under descriptive headings, as in 
operation 63. Examples of such headings shown in Figure IL are "Web Application 
Services" and Common Web. ..As shown in operation 16 of Figure 1A, the indicia coding 



may be further employed to indicate priority of implementation for components of the 
system. First, a priority is identified among the plurality of components required for 
implementation of a predetermined technology. See operation 36 of Figure ID. To 

accomplish this operation 36a. Priority may be determined based on a requirement 

that certain components be in place before other components will perform properly. In 
such case, primary components, which should or must be installed before other 
secondary components will function properly, are positioned forward of, or in an 
otherwise prioritized relation to, the. secondary components in the listing in operation 
36b. Further, any tertiary components that should or must be installed after a particular 

secondary component should be positioned back to Figure ID, a pictorial 

representation of the existing network framework and its components is generated in 
operation 37. Operation 38 indicia codes a first component or components of the existing 
network ftamework in order to indicate that the first component is a primary component, 

as selected in operation 36b as determined in operation 36c, and must be implemented 

after the first component. For example, second components which should be provided 
only after other necessaiy first components are in place may be distinguished from the 
primary components by having indicia coding unique with respect to the indicia coding 
of the first... system. In operation 5 lb, components of the existing system that are used for 
building the components of the system are selected and placed in a first group of 
components in the first area of the database. These components are indicia coded on the 
pictorial representation in operation 51 of Figure 1H. In operation 51c, components of 
the... management for networks of up to 100 nodes. 

Product features include the following. 

" Monitoring of events and network health for 
multiple local and remote environments 
Distribution of management data 
Management of file systems, print queues and 
user groups 

t: Balancing of management processing loads 

across e network 

24 

Development Business l...be created. 

Sun's Java language has emerged as an industry-recognized language for 
"programming the Internet." Sun defines Java as: "a simple, object-oriented, distributed, 
interpreted, robust, secure, architecture- neutral, portable, high-performance, 
multithreaded, dynamic, buzzword-compliant, general-purpose programming language. 
Java supports programming for the Internet in the form... Managing project 
interdependencies to ensure delivery of the capability release. 

Ensuring that resources are used effectively across projects for the release. 

As with many other management responsibilities described in IDEA, Release 
Management is more a role than a function. It is good practice to have as many areas as 



possible represented... be integrated with an upper 

case design tool and the other with a lower-case generation tool 

0 In a multisite environment, repositories may be distributed over different locations. In 
order to keep these repositories synchronized, well defined development processes must 
be implemented. 

Repository Management can be divided into the following areas. 

Security 
Maintenance 

Validation and mass change 
Analysis, reporting, and querying 
Security 

Restricted access to various repository object types is necessary to ensure high quality 
repository content, because developers sometimes take shortcuts... testing, the system 
should be technically sound, and data flow throughout the system should be correct. 
Component and assembly testing ensures that all transactions, database updates, and 
conversation flows function accurately. 

Testing in later stages will concentrate on user requirements and business processes, 
including work flow. 

89 

d) Are benefits being... specific task or set of tasks in the development process. As with 
processes and organization, the central component, System Building, is supported by the 
eight management components. 

91 

Information Management tools 202 manage the information that supports 

the entire project - information that is used both in systems building and in other 

management processes 

0 Security Management tools 216 enable the development of security 
components 

Quality Management tools 204 support all quality management processes 
Program and Project Management tools 214 assist the management 
teams in their daily work 

0 Environment Management tools 206 provide the facilities to maintain the 
development environment 

0 Release Management tools 218 manages the simultaneous development of 
multiple releases 

" Configuration Management tools 210 cover the version control, 

migration control and change control of system components such as code and its 

associated documentation 

0 Problem Management tools 212 pertains to the problem tracking and 
solution process 

In appropriate security controls accordingly. 



0 Is communication outside the local environment necessary? 
9 Is remote access required? 

If so, a gateway will be required to manage communication beyond the local 
environment. This will bring with it security implications, as the local environment will 
no longer be isolated. 

b) Do e-mail... ensure that the anticipated benefits of electronic mail and teamware 
materialize. 

For example, certain teamware databases require continuous maintenance in order to 
remain relevant. The management of the database contents may require significantly 
more work than either the initial installation of the tools or the technical support for the 

tools. This the system, interest will soon dwindle, and the system will no longer be of 

any value. 

Group Schedulin (142) 

Group scheduling tools help to centrally manage the personal schedules of a group of 
people. This offers the advantage of being able to coordinate events that require the 
participation of a number... deliver integrated environments. 

98 

Workflow Management ( 1 50) 

When processes become complex and require the participation of multiple groups, simple 
integration techniques are not adequate for managing the process flow, standards 
development. 

Implementation Considerations 

Efficient tools support for Workflow Management requires standards and 
procedures that specify. 

0 Which tasks exist 

0 Expected... the repository. Typically, the developers will be placed in groups with 
diminishing access rights such as repository administrator, technical support, designer, or 
programmer. These access rights may relate to read/write/modify/delete authority. This 
method of access control is far more flexible than simple object locking. 

h) Does the toolprovide...is usually supported by the tools. 

118 

Product Considerations 

a) Does the toolprovide capabilities to caterfor a system running on multiple 
pla@ forms or a distributed system? 

Ideally, the Version Control tool must be able to operate on all the platforms in use, 
whilst at the same time performing Version Control... correct locking and unlocking of 
repository objects and source modules. 



Implementation Considerations 

a) Does the project require strict scope control? 

Specifications and scope may be changed at any time if Change Control tools and 
standards are not implemented. This can result in the project running over budget, or 

being delivered late the application. Change requests may also be rejected or deferred 

by an authorized person. 

d) Is coordination of changes required? 

Facilities to track interdependencies between change requests (for example, change 
request A must be completed before change request B can start) are provided by Change 
Control tools. This can be used to encourage efficient scheduling and to ensure that work 
is not duplicated. 

e) Should a record be kept of be implemented effectively. 

Multiple changes may affect the same component and it would be wasteful to open that 
component many times over and implement the changes one at a time. Impact analysis 
can be used to ensure that all relevant changes to that component are implemented 
together. 

Hence impact analysis is. ..the Knowledge Xchange. 

Data and Software Distribution is a key tool in this category for development 
environments that have several developers. These tools enable automated distribution of 
data and software to the workstations and servers in the development environment. 

Problem Management (212) 

Problem Management tools help track each system investigation request... how well the 
product integrates with other design and development tools, presentation services 
(graphics, multi-media, etc.), data access services (databases and database API libraries), 
distribution services (distributed TP monitor), transmission services (SNA, HLLAPI, 
etc.), data dictionary, desktop applications, and programming languages for call- out/call- 
in. Additional consideration should be given to. ..In the majority of Integrated 
Development Environments, the Compiler, Linker and/or Interpreter are included as an 
integral part of the system. In addition, the management of compilation and linking is 
automated using MAKE utilities which understand the dependencies between modules in 
the system. This allows the system to trigger all. ..when using a source code 
debugging tool? 

Communication between development team and testing team 
A code analysis tool can help the testing team detect unreported changes in the 
application code, and therefore help alleviate possible bad communications between the 
development and testing teams. Thus, bad communications between teams will still 
influence... quality system. Therefore, dealing with a highly critical engagement will most 
likely affect positively the decision to use tools such as Test Planning, test data 
management, problem management, and configuration management. 



e) What applicationfactors should be considered when using a Test Planning tool? 
Starting point of automation in the development life cycle 

If... data generation, event processing, and repositories components and then send data to 
the presentation or repositories components. 

Management applications tools include capacity planning tools, performance 
management tools, license management tools, remote management tools, systems 
monitoring tools, scheduling tools, help desk tools, etc.. Some Enterprise Management 
tools even poll the event/data generators for information but these options... knowledge 
and experience at the user locations. The level of technical expertise within the Incident 
Management function will drive the systems requirements. 

Problem Management 

Problem Management utilizes the skills of experts and support groups to fix and prevent 
recurring incidents by deten-nining and fixing the underlying problems causing those 
incidents... 
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Detailed Description: 

...codes a second component and any remaining components of the existing network 
framework in order to indicate that the second component and remaining components are 
secondary components, as determined in operation 36c, and must be implemented after 
the first component. For example, second components which should be provided only 
after other necessary first components are in place may be distinguished from the 
primary components by havingindicia coding unique with respect to the indicia coding 
of the first components, and likewise for tertiary components, etc. 

Further, indicia coding may... of the application server, with the 
ability to configure a range of properties for each server 
component and the processes within them. It can also 
distribute components across multiple systems and manage 
multiple configurations. 



The Productl product family may be extended through these 



components. 



PAC SDK - Productl platform that allows 
developers tools that allow users to 

communicate in a heterogeneous environment of Businessl Product3 A secure, standards- 
based web server for accessing, 1.5 managing, and distributing information over the 
Internet, extranets, or 

intranets. Product3 supports Java servlet development and network 
caching of web pages. 

Product3 simplifies management of website environments 

through delegation of administrative privileges such as access rights to 

administer meta-data components or load-balancing. 

Java Web Server The first commercially available Java service based on the 
JavaServer API framework for Java servlets. It uses serviet 
technology to enable server-side Java applications and provides... from 
Tools consuming all available bandwidth, it ensures the quality of 
service to users and network availability to applications. 

Product6 Enterprise Manager - Business I's 
distributed network management foundation that manages large 
heterogeneous networks. Product6 Enterprise Manager supports 
and manages Java applications built for various network types. 

Product6 Site Manager & Product6 for networks of up to I 00 nodes. 

Product features include the following. 

Monitoring of events and network health for 
multiple local and remote environments 
Distribution of management data 
Management of file systems, print queues and 
user groups 

Balancing of management processing loads 
across the network 

Business I offers a variety... project, they should work as facilitators - helping the 
designers do things correctly the first time, thereby maintaining the integrity of the 
repository. Without strong repository management, the benefits of using a repository 
quickly diminish. 

In many situations the Information Management team must make decisions that affect 
functional areas. To empower the include. 

Reviewing designs 

Packaging classes and components for reuse 



Managing maintenance and upgrades of common components (a strong 
relationship with Configuration Management team is required) 
Media Content Management 

The methods of handling media content are somewhat different from those 
surrounding more traditional development content such as code or documentation, for 
this reason, a role should be defined that is.. .more creative and attractive user interfaces, 
but also reduces the risk of further alteration to work at a later stage. 

b) Usability 

Often coupled with Media Content Design, it is vital that a role for usability is defined 
within the Application Development teams. This will ensure the usability of the 
system... are run and fixes implemented, migration can become complex, requiring 
flexible mechanisms for locking and unlocking system components and analyzing the 1 5 
impacts of change. 

" Information management, and in particular repository management, 

guarantees a correct view of the interrelationships between system components. This is 
required to ensure that impact analyses are complete and correct, which, in turn... 
...system test environment) 
Run test cycle 

Compare expected results and actual results 
0 Log System Investigation Requests (SIRs) 

4' Analyze deviations and identify components requiring change (either 

expected results, test-data, or system components) 

Define Change Requests (CRs) and perform impact analysis 

Package those change requests that affect the same areas and that naturally 

belong together, into change packages 

Schedule and staff the changes 

Unlock components for change 

81 

Perform changes and refine impact analysis based on added understanding 

Verify changes before re-submitting to system test 

Migrate to system test based on updated impact analysis and re-lock 

components 

Implementation Considerations 

a) What model o testing does thefirmfollow? 

?f 

The following is an overview of the firm's.. .testing, the system should be technically 
sound, and data flow throughout the system should be correct. Component and assembly 
testing ensures that all transactions, database updates, and conversation flows function 
accurately. 

Testing in later stages will concentrate on user requirements and business processes, 
including work flow. 
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d) Are benefits being Project Management tools 214 assist the management 

teams in their daily work 

" Environment Management tools 206 provide the facilities to maintain the 
development environment 

" Release Management tools 218 manages the simultaneous development of 
multiple releases 

" Configuration Management tools 210 cover the version control, 

migration control and change control of system components such as code. ..a reduction in 
training costs. 

c) Does an existing component satisfy this requirement? 

Engagement teams sometimes choose tools that provide multiple development functions, 
including Configuration Management tools. The decision to choose between available 
Configuration Management tools may already have been decided as a result of using 
certain other tools within the configuration? 

The components involved in Configuration Management typically involve 
hardware, system software, and application components together with their 
documentation. 

The tools should be able to manage and keep track of all the component types that make 
up a configuration. 

e) Does the toolprovide capabilitiesfor exception reports? 
If for some reason a... the system can be tracked. 

The tools usually provide a facility to report on differences in versions so the version that 
existed when a critical change was made can be identified and recreated or retrieved. The 
tools can also provide a means of documenting why decisions are made during the 
evolution and is usually supported by the tools. 

Product COnNiderations 

a) Does the toolprovide capabilities to caterfor a system running on multiple 
pla@ forms or a distributed system? 

Ideally, the Version Control tool must be able to operate on all the platforms in use, 
whilst at the same time performing Version Control. ..a) Does the tool support the 
migration of all the components that make up a 
migration object? 

The Migration Control tool should be able to manage and control the migration of a] I 
the components (for example, source code, database access, make files, run-time data, 
environment variables, code libraries, code.. .by such unauthorized access, and to audit 
access the environment services. At the security management level, it may be valuable to 
have tools which help manage security profiles, security groups, and access rights. 

Product Considerations 

a) Does the tool use Role- based access control? 

Role -based access control establishes access rights and profiles based on job functions 



within the environment. If different access rights are required for security administrators 
vs. code developers vs. code reviewers vs. testers, then the correct access can be 
established based on these functions. 

b the Knowledge Xchange. 

Data and Software Distribution is a key tool in this category for development 
environments that have several developers. These tools enable automated distribution of 
data and software to the workstations and servers in the development environment. 

Problem Management (212) 

Problem Management tools help track each system investigation request... does not 
always guarantee their quality. In order to minimize the dependency of the final system 
on these components (thus reducing the impact of possible changes within the libraries), 
it is 
151 

recommended that wrappers are written to enclose any third-party components. This way, 
if any changes are made to the internals of the components, only the wrappers would be 
affected, allowing the application and architecture code to remain unchanged. 

Frameworks may for developers, there may be the tendency for people to download 

their own preferred tools, or upgrades to standard tools. This not only affects the 
management of the development environment, but could easily result in the generation 
of code that is incompatible with the rest of the code in the development... Internet and 
kiosk-based systems, where users have a notoriously short concentration span. 

This requirement for more attractive user interfaces has triggered the evolution of media- 
rich applications, the development of which requires new tools and processes, and brings 
with it a whole new set of issues. 

Media content can be. ..Execution Architectures, every function of the Operations 
Architecture must be reviewed. All components of the Operations Architecture are 
integral to the successful management of a distributed environment. Any processes, 
procedures, or tools developed or chosen as an operational management solution for a 

specific operational area must be able to integrate with individuals who will be 

performing the function should be involved in the design of how the function will be 
performed. 

Will thefunction be centralized or distributed? 

Central control will mean a stronger focus on remote management, with skills focused in 
one place, whereas distributed control will mean skills will need to be more widely 
dispersed. Distributed functions may require less powerful tools due to their placement. 

Will the solution be manual or automated? 

A number of functions could be managed manually... the system. Event Management 
receives, logs, classifies and presents event messages on a console(s) based on pre- 



established filters or thresholds. 



MANAGEMENT APPLICATIONS (1320) 

Management applications are those tools which are used to manage the system. 

Most of the MODE functions tie directly into this component. The management 
applications component ties in directly with the integration platform component as... 
...data generation, event processing, and repositories components and then send data to 
the presentation or repositories components. Management applications tools include 
capacity planning tools, performance management tools, license management tools, 
remote management tools, systems monitoring tools, scheduling tools, help desk tools, 
etc.. Some Enterprise Management tools even poll the event/data generators for 

information but these options as well as the key data items specified in the data 

requirements section. Data and time stamps should be automatically registered and 
Incident and Request management staff should have access to display all open incidents 
and requests as well as the incident/request history for a specific user location. 

Progress Incidents. ..activities are performed and controlled as required and as intended. 

Production Scheduling 

Production Scheduling determines the requirements for the execution of scheduled jobs 
across a distributed environment. A production schedule is then planned to meet these 
requirements, taking into consideration other processes occurring throughout the 
distributed environment (e.g., software and data distribution, remote backup/restoration 
of data.) It plans the production workload and then submits the tasks to the system in the 
proper sequence, ...determined for the execution of scheduled jobs across the 
environment. 

Does and existing component satisfy this requirement? 

Production Scheduling contains specific requirements that addresses a distributed 
environments complexity of multiple platforms and system placed in either a parallel or 
serial fashion. 

What other utilities are available with the tool? 
The tool... 
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...a web architecture framework. 
SUMMARY OF THE INVENTION 

A system, method, and article of manufacture are provided for prioritizing components of 
an existing network framework. First, a priority is determined among a plurality of 
components required for implementation of a predetermined technology using an existing 
network framework. The existing network frame work... to a specific web architecture 
framework of the present invention will be described. 

As shown in Figure 1A, the presentation method of the present invention first includes 
displaying a pictorial representation of a system, i.e. web architecture framework, 
including a plurality of components. Note operation ...the first component. For example, 
second components which should be provided only after other necessary first components 
are in place may be distinguished from the primary components by having indicia 
coding unique with respect to the indicia coding of the first components, and likewise for 
tertiary components, etc. 

Further, indicia coding... the existing system that are used for building the components of 
the system are selected and placed in a first group of components in the first area of the 
database. These components are indicia coded on the pictorial representation in operation 
51 of Figure 1H. In operation 51c, components of the ...of the application server, with the 
ability to configure a range of properties for each server 
component and the processes within them. It can also 
distribute components across multiple systems and manage 
multiple configurations. 

The Productl product family may be extended through these 
components. 

PAC SDK -- Productl platform that allows 
developers allow users to 

communicate in a heterogeneous environment of Business I Product3 —I- A secure, 
standards-based web server for accessing, 1.5 managing, and distributing information 
over the Internet, extranets, or 

intranets. Product3 supports Java servlet development and network 
caching of web pages. 

Product3 simplifies management of website environments 

through information such as user definitions, user profiles, network resource 

definitions, and configuration parameters. It employs naming, 
directory, and authentication protocols on top of a shared, distributed, 



object repository. Users and applications can use the directory to 
locate and access information from anywhere in the network. 

JavaWallet Java Electronic Commerce Framework (JECF...for thousands of users. 

Server 
26 

ha A newsgroup server that provides collaboration services 
through discussion groups. Business2 Chat Server also supports the 
moderation of content and administration of discussion groups. 

Bussiness2 An email server that delivers messages with embedded sound, 
graphics, video files, HTML forms, Java applets, and desktop 
Messaging. ..responsible for ensuring the quality of the system building process. The 
Quality team is also directly involved in ensuring the quality of the other IDEA 
management processes. 

Program & Project Management 

The Program Management team is responsible for delivering business capability. 

In this respect, it is responsible for the System Building and other management teams. 
In... Application team evolves as the development process continues - as the development 
of the application architecture components is completed, the Application Architecture 
team's roles may change. While the team continues maintaining the application 
architecture components, some team members may be deployed to the Application 
Development team. Here their roles can include... organization - the higher the life 
expectancy, the more standards are justified 

volatile :ne Attrition - a stable organization can tackle more detailed standards than a 

" Expected change in the environment - a high rate of change provides 

greater opportunity to reap the benefits of a standardized approach 

Procedures specify how to perform a.. .i.e. encapsulate them so that the visible piece of 

any component remains fully controlled. This way, when a component is replaced (either 

for an update or because it has proved to be defective), no other system components that 

refer to that component will need to be altered. 

Construction (134) 

Construction... test cycles are run and fixes implemented, migration can become complex, 
requiring flexible mechanisms for locking and unlocking system components and 
analyzing the impacts of change. 

* Information management, and in particular repository management, 

guarantees a correct view of the interrelationships between system components. This is 
required to ensure that impact analyses are complete and correct, which, in turn, makes 
for effective regression testing. 

* Quality management, together with well-defined standards and procedures, ensures 



that the outputs from each test activity are documented at the right level of detail and 

fed the system test environment) 

Run test cycle 

Compare expected results and actual results 
0 Log System Investigation Requests (SIRs) 

" Analyze deviations and identify components requiring change (either 

expected results, test-data, or system components) 

Define Change Requests (CRs) and perform impact analysis 

Package those change requests that affect the same areas and that naturally 

belong together, into change packages 

Schedule and staff the changes 

Unlock components for change 

Perform changes and refine impact analysis based on added understanding 
Verify changes before re-submitting to system test 

Migrate to system test based on updated impact analysis... Configuration Management 
tools 210 cover the version control, 

migration control and change control of system components such as code and its 
associated documentation 

0 Problem Management tools 212 pertains to the problem tracking and 
solution process 

In addition, three other components are required to fully support development. 

* Productivity tools 1002 provide.. .the Collaboration Architecture Framework in the 
Technology Library. 

Implementation Considerations 

a) How distributed are the project teams? 

On projects with development sites that are geographically distributed, it is usually the 
case that communication by e-mail alone is not a sufficient substitute for meetings when 
attempting to coordinate the teams involved.. .the number of objects, files, or components. 
The management of these items becomes increasingly difficult to manage and track 
during the development process. The Configuration Management tool provides structure 
for managing the objects, files, and components and reduces the risk of lost information 
caused by version problems, or by items not being migrated properly. 

104 

d...to a change request. 

Does the tool provide a means of indicating which development team member is 

best suited to perform the implementation of that change request? 

This functionality should be available as part of the scheduling capability. An added 

feature would be the capability to balance workload across the team... the interface with 

developers. 

As defined in MODE, these include the following. 



Tools to support and manage the Help Desk 

Tools to support the creation, management, and reporting of Service Level 
114 

Agreements (SLAs) and Operations Level Agreements (OLAs) 

0 Tools to manage and support the quality of the development environment 

Systems Management (126) 

Systems Management Tools support and manage the operation of the distributed system. 
Many specific monitoring and analysis tools are covered in detail in theNetwork 
Performance Management practice aid and the Technology Products and Vendors 
database, both... which can be used to clarify and communicate issues. 

Product Considerations 

a) How much does the tool cost? 

Product components, maintenance agreements, upgrades, run-time licenses, and add-on 
packages should be considered. 

b) Will the design tool be usedfor programming of client applications? What 
programming language is supported? 

If the... server or Netcentric) remains a complex task because of the large number of 
integrated components involved (for example, multiplatform clients, multiplatform 
servers, multitiered applications, communications, distributed processing, and data), 
which, in turn, results in a large number and variety of Testing tools. 

For any large scale testing effort, it is vital over the test data for the various testers), a 

configuration management tool (easier control over all system configurations and 
component versions), and a test plan management tool (easier control over all test 
cycles, subcycles, their execution statuses, and so on). 

b) What engagementfactors affect the use of Test Data Management tools.. .a stronger 
focus on remote management, with skills focused in one place, whereas distributed 
control will mean skills will need to be more widely dispersed. Distributed functions 
may require less powerful tools due to their placement. 

Will the solution be manual or automated? 

A number of functions could be managed manually. ..and correct the fault. Although it 
may be possible to automate this process, human intervention may be required to perform 
at least some of these management tasks. 

EVENT / DATA GENERATION (1314) 

Event/data generation interacts with all the managed components in the execution and 

development environments in order to obtain the data generation, event processing, 

and repositories components and then send data to the presentation or repositories 
components. Management applications tools include capacity planning tools, 
performance management tools, license management tools, remote management tools, 
systems monitoring tools, scheduling tools, help desk tools, etc.. Some Enterprise 
Management tools even poll the event/data generators for information but these options 



may impact network performance. Web Server management is been introduced as part 
of the management operations framework. As Corporate Internets and Extranets 
implement Web based software products to sell and advertise business services, 
corresponding administrative, security, event notification and performance. ..are 
performed and controlled as required and as intended. 
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Production Scheduling 

Production Scheduling determines the requirements for the execution of scheduled jobs 
across a distributed environment. A production schedule is then planned ...determined 
for the execution of scheduled jobs across the environment. 

Does and existing component satisfy this requirement? 

Production Scheduling contains specific requirements that addresses a distributed 
environments complexity of multiple platforms and system placed in either a parallel or 
serial fashion. 

What other utilities are available with the tool? 

The tool the 

distribution process 

0 Notifies the service level management facility of any missed service 
commitments. 

0 Communicates with the documentation management facility to obtain the 
distribution information, media type and service level commitments. 

0 Communicates with the ...with the flip of a power switch on a workstation. Processes 
which rely on the system being up and running (e.g., software and data distribution) may 
fail if a user has switched his/her machine off before leaving for the evening. Such 
failures will impact the following days processing capabilities... 



10/K/15 (Item 8 from file: 349) 

DIALOG(R)File 349: PCT FULLTEXT 

(c) 2009 WIPO/Thomson. All rights reserved. 



jCountry Number iKind IDate 



Detailed Description: 



...such headings shown in Figure 1L are "Web Application Services" and Common Web 
Services". 



Each of the primary components is formed of a group of secondary components. In 
operation 64, each set of secondary components is positioned towards or over each of the 
primary components in such a manner that a viewer would visually associate a group of 
secondary... in order to indicate that the second component and remaining components are 
secondary components, as determined in operation 36c, and must be implemented after 
the first component. For example, second components which should be provided only 
after other necessary first components are in place may be distinguished from the primary 

components unique with respect to the indicia coding of the first set of components. 

Such second set of components may include some or all of the secondary components 
found in operation 41b. Referring to Figure IP, an exemplary first set of components is 
identified in the legend under "First Delivery". In Figure... debit cards, electronic 
cash and checks, and smart cards. 

The initial component of the JECIF is the JavaWallet, a client 
side application that will be distributed as a core component of the 
Java environment. JavaWallet will allow users of any Java-enabled 
web browser or operating system to purchase goods and... true of the development 
environment. When a new development environment is put in place, the developers need 
to learn not only how each individual tool works (for example, how to use the compiler), 
but also how the tools work together to support the organization as it performs well 
defined processes. 

The Figure 3 is an illustration showing a security organization according to one 

embodiment of the present invention. A Security Management Team may have a security 
management 300, under which are an administration team 302, a projects & planning 
team 
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, and a business process security team 306. The size of the Security manage this 

population process. Rather than taking a policing role on the project, they should work as 
facilitators - helping the designers do things correctly the first time, thereby maintaining 
the integrity of the repository. Without strong repositoiy management, the benefits of 
using a repository quickly diminish. 

In many situations the Information... i.e. encapsulate them so that the visible piece of any 
component remains fully controlled. This way, when a component is replaced (either for 
an update or because it has proved to be defective), no other system components that 
refer to that component will need to be altered. 

Construction (134) 

Construction... belong together, into change packages 
Schedule and staff the changes 
Unlock components for change 

Perform changes and refine impact analysis based on added understanding 

Verify changes before re- submitting to system test 

Migrate to system test based on updated impact analysis and re-lock 



components 

Implementation Considerations 

a) What model of testing does thefrmfoilow? 

The following is an overview of the firm's testing. ..well understood that both good 
communication and knowledge sharing are vital for the success of any team. As 
development projects get bigger and teams more distributed, it becomes increasingly 
difficult to maintain communication between project team members. Collaborative tools 

have been developed with this very purpose in mind - to enable groups collaboration 

may be found in the Collaboration Extensions Framework in the database, and the 
Collaboration Architecture Framework in the Technology Library. 

Implementation Considerations 

a) How distributed are the project teams? 

On projects with development sites that are geographically distributed, it is usually the 
case that communication by e-mail alone is not a sufficient substitute for meetings when 

attempting to coordinate the teams involved to send simple ASCII text, e-mail 

systems usually provide the capability to attach binary files to messages, E-mail is a 
convenient tool for distributing information to a group of people, as it has the advantage 
of delivering content directly to the 'mailbox' of each individual, rather than relying 
on... located? 

Configuration Management tools are essential when development teams are not 
centralized at one location. These tools provide services, such as version control, when 
geographically distributed teams need to access common modules or data, such as code 
tables. Configuration Management tools may still be necessary even if ...migrated 
properly. 
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d) Is the development effort to be sustained over a prolongedperiod? 

Over time, a large number of configurations will evolve and Configuration Management 
tools can be used to control the evolution and to document these configurations. 

e) Is there a large number of components? 

It may be necessary needed once the system becomes large and many modules (which 

may include programs, header files, copybooks, shared components, subroutines, and so 
on) have to be managed. There is a significant cost involved in formal configuration 
management. If the system has a little over 100 modules, the Configuration Management 
component may consist merely of awhiteboard or Excel spreadsheet. As the number 
of... automated and is usually supported by the tools. 

Product Considerations 

a) Does the toolprovide capabilities to caterfor a system running on multiple 
plafforms or a distributed system? 

Ideally, the Version Control tool must be able to operate on all the platforms in use, 
whilst at the same time performing Version Control... across the team. 

e) How does the tool handle exceptions? 



The tool should provide a capability to generate exception reports that highlight issues 
such as change requests that are in danger of not meeting the release to which it was 
allocated. 

fi What is the prediction for volume of change requestsfor...O Tools to manage and 
support the quality of the development environment 
Systems Managemen (126) 

Systems Management Tools support and manage the operation of the distributed system. 
Many specific monitoring and analysis tools are covered in detail in the Network 
Performance Management practice aid and the Technology Products and Vendors 
database, both available on the Knowledge Xchange. 

Startup & Shutdown 

A comprehensive development environment rapidly becomes sufficiently 
complex... manage security profiles, security groups, and access rights. 

Product Considerations 

a) Does the tool use Role- based access control? 

Role -based access control establishes access rights and profiles based onjob functions 
within the environment. If different access rights are required for security administrators 
vs. code developers vs. code reviewers vs. testers.. .be used to clarify and communicate 
issues. 

Product Considerations 

a) How much does the tool cost? 

1 5 Product components, maintenance agreements, upgrades, run-time licenses, and add- 
on packages should be considered. 

b) Will the design tool be usedforprogramming of client applications? What 
programming language is supported? 

If the design. ..the impact of possible changes within the libraries), it is recommended that 
wrappers are written to enclose any third-party components. This way, if any changes are 
made to the internals of the components, only the wrappers would be affected, allowing 
the application and architecture code to remain unchanged. 

Frameworks may.. .on the same team using tools which employ different version of the 
JDK). 

Product Considerations 

a) What size is the development team? 

When IDEs were first developed, they were targeted at individual developers. This 
means that support for team development is still not fully mature in the majority oflDEs, 
although some... are involved, it is important that they are fully integrated into the team. 

For both image and audio, it is possible to purchase re-usable content from agencies, 
usually delivered in the form of CD-ROMs. 



NOTE: Tools required to store and manage media content (and storage formats) are 
discussed in... plan management tool (easier control over all test cycles, subcycles, their 
execution statuses, and so on). 

b) What engagementfactors affect the use of Test Data Management tools? 
Risk rating of the engagement 

In general, management and planning tools help better address the engagement risks. A 
high risk rating for the engagement will affect positively the decision to use tools 
such... individuals who will be performing the function should be involved in the design 
of how the function will be performed. 

Will thefunction be centralized or distributed? 

Central control will mean a stronger focus on remote management, with skills focused in 
one place, whereas distributed control will mean skills will need to. ..not get lost as they 
are passed around support 
teams 

informing users when incidents have been resolved and ensuring resolution was 
complete. 

In addition, Incident Management is responsible for ensuring that outstanding incidents 
are resolved in a timely manner. As part of Incident Management, incidents are reviewed, 
analyzed, tracked, escalated as a disaster) has occurred. 

Fault Managements 1312) 

When a negative event has been brought to the attention of the system, actions are 
undertaken within Fault Management to define, diagnose, and correct the fault. 
Although it may be possible to automate this process, human intervention may be 

required to perform at least the management applications tools must comply with the 

standards set by the integration platform. For example, if the integration platform is HP 
Open View, then the management applications must be HP OpenView software (API, 
SNMPx) or hardware (card) compliant. 

Management applications receive data from the event/data generation, event processing, 
and repositories components and then send data to the presentation or repositories 
components. Management applications tools include capacity planning tools, 
performance management tools, license management tools, remote management tools, 
systems monitoring tools, scheduling tools, help desk tools, etc.. Some Enterprise 
Management tools even poll the event/data generators for information but these options 
may impact network performance. Web Server management is been introduced as part 
of.. .174 
Recoyjpry 

Recovery manages all of the actions needed to restore service delivery after a system 
failure. With critical business applications being rolled out on distributed technologies, 
the recovery of these systems must be easy, quick and efficient to guarantee availability 
of core business systems as expressed in the agreed service of scheduled jobs across a 



distributed environment. A production schedule is then planned to meet these 
requirements, taking into consideration other processes occurring throughout the 
distributed environment (e.g., software and data distribution, remote backup/restoration 
of data.) It plans the production workload and then submits the tasks to the system in the 
proper sequence, stops processing upon... workload 
from one processor to another in the event of a system failure. 

Print Managemen 

Print Management monitors all of the printing done across a distributed 
environment and is responsible for managing the printers and printing at both central and 
remote locations. The purpose of a print architecture is to make performed in off- 
hours or delayed to avoid contention for the printer during business hours. 

What are some limitations that may be encountered? 

In a distributed environment the sizing and routing of print traffic is more complex. 

With new systems being installed, only educated guesses about how and when printing 

will bottlenecks in the 

distribution process 

" Notifies the service level management facility of any missed service 
commitments. 

" Communicates with the documentation management facility to obtain the 
distribution information, media type and service level commitments. 

" Communicates with the recovery management facility to delete reports that will be 
recreated. 

0 Communicates report volumes to the resource.. .Some limitations that may need to be 
taken into account? 

System startup and shutdown is no longer confined to a centralized site. The system is 
distributed, in effect creating islands of technology which may be started or shutdown 

with the flip of a power switch on a workstation. Processes which rely checking or 

virus detection/correction. 
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Mass Storage Managernen 

Mass Storage Management involves those activities related to the handling of various 
types of centralized and distributed storage media including the monitoring and 
controlling of storage resources and their usage. 

The objectives of Mass Storage management are to: implement the top level of storage... 
...in a distributed environment than in a centralized environment since many more storage 
options become available, as storage may take place centrally or on a distributed basis 
and the number and characteristics of storage devices have increased. 



Implementation Considerations 

What DBMS will be used and what utilities does it have? 

1 be simpler then for distributed databases were a global view becomes more difficult 

to obtain, and where data consistency becomes more of an issue. 

What media types will be used? 

It is essential that the types of device to be used are understood before detailed decisions 
are taken. 

Distributed Environmental Constraints... 
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Detailed Description: 



...a first set of components are 1 5 presented that are to be delivered in a first phase. This 
is accomplished by indicia coding the first set of components in a specific manner, 
Further, a second set of components are presented that are to be delivered in a second 
phase. This... custom development. 

Product I Command Center - a Java-based 

application that provides local and remote management and 

monitoring of the platform in real-time. This management 

console provides control of the application server, with the 

ability to configure a range of properties for each server 

component and the processes within them Product3 supports Java servlet 



development and network 
caching of web pages. 

Product3 simplifies management of website environments 

through delegation of administrative privileges such as access rights to 

administer meta-data components or load-balancing. 

Java Web Server The first commercially available Java service based on the 
JavaServer API framework for Java.. .as electronic commerce. 

24 

@@ 

A suite of pre-built applications that run on Business2's 
Application Server. These applications include buying, selling, 
merchandising, and delivering content over the Internet. 

Productl ECProductl - Software for the integration of 

eCommerce applications with legacy systems. It provides for 

the sending, receiving, and encrypted transmission of in a group. 

Calendar - delivers group scheduling based 
on a scalable real-time architecture. 

Browser Customization 

Business2 Business Customization Kit 

enables Internet service providers, Internet content providers, 

hardware OEMs, and others to create customized versions of 

Product2. 

Business2 Mission Control Desktop - cross 

platform administration tools to configure, deploy, centrally 

manage, and update Business2 Product2. 

Business2 A high-performance, scalable web server software for 

Enterprise Server deploying the largest-scale web sites. Business2 Enterprise Server 

includes a built... broadcasting, 

and receiving system that enables the creation and delivery of 
media-rich information, both inside and outside the enterprise. 

Media server includes four components. 

Media Server - play real-time audio feeds, 

provide on-demand access to pre-recorded audio clips, 

and synchronize audio with HTML documents, Java 

applets, and JavaScript... system building process. The Quality team is also directly 
involved in ensuring the quality of the other IDEA management processes. 



Program & Project Management 

The Program Management team is responsible for delivering business capability. 

In this respect, it is responsible for the System Building and other management teams. In 
addition, other management responsibilities that do not have a specific team or role 
defined within IDEA also belong to the Program Management team... Application team 
evolves as the development process continues - as the development of the application 
architecture components is completed, the Application Architecture team's roles may 
change. While the team continues maintaining the application architecture components, 
some team members may be deployed to the Application Development team. Here their 
roles can include... higher the life 
expectancy, the more standards are justified 

Attrition - a stable organization can tackle more detailed standards than a 
47 

volatile one 

0 Expected change in the environment - a high rate of change provides 
greater opportunity to reap the benefits of a standardized approach 
Procedures specify how to perform a task. They are generally guided by the 
methodology... and interact, effectively reverse engineering the system into a conceptual 
model. It may be necessary to study certain pieces of code to understand how they work, 
but reverse engineering is not limited to code. For example, these techniques might help 
understand the data-model of a legacy application, in 
76 

order.. .i.e. encapsulate them so that the visible piece of any component remains fully 
controlled. This way, when a component is replaced (either for an update or because it 
has proved to be defective), no other system components that refer to that component will 
need to be altered. 

Construction (134) 
Construction high quality. 

The arrival of Integrated Development Environments ODEs), has further simplified the 
automation of construction processes to the degree that a single tool can manage the 
majority of the process. 

As with Analysis and Design, usability must not be ignored in the construction of a 

system. Especially in the case Component-based development may have an impact on 

the way in which testing should be performed. 

Standards and Procedures 

System test relies heavily on configuration management, repository management, and 
quality management. 

0 Configuration management provides the basis for promoting a 

configuration from the construction environment to the system test environment. As test 



cycles are run and fixes implemented, migration between system components. This is 

required to ensure that impact analyses are complete and correct, which, in turn, makes 
for effective regression testing. 

0 Quality management, together with well-defined standards and procedures, ensures 
that the outputs from each test activity are documented at the right level of detail and 

fed the system test environment) 

Run test cycle 

Compare expected results and actual results 
Log System Investigation Requests (SIRs) 

4' Analyze deviations and identify components requiring change (either 

expected results, test-data, or system components) 

Define Change Requests (CRs) and perform impact analysis 

Package those change requests that affect the same areas and that naturally 

belong together, into change packages 

Schedule and staff the changes 

0 Unlock components for change 

Perform changes and refine impact analysis based on added understanding 

Verify changes before re- submitting to system test 

80 

Migrate to system test based on updated impact analysis and re-lock 
components 

Implementation Considerations 

a) What model... Management tools 214 assist the management 
teams in their daily work 

0 Environment Management tools 206 provide the facilities to maintain the 
development environment 

Release Management tools 218 manages the simultaneous development of 
83 

multiple releases 

0 Configuration Management tools 210 cover the version control, 
migration control and change control of system components such. ..well understood that 
both good communication and knowledge sharing are vital for the success of any team. 
As development projects get bigger and teams more distributed, it becomes increasingly 
difficult to maintain communication between project team members. Collaborative tools 

have been developed with this very purpose in mind - to enable groups be found in 

the Collaboration Extensions 1 5 Framework in the database, and the Collaboration 
Architecture Framework in the Technology Library. 

Implementation Considerations 

a) How distributed are the project teams? 

On projects with development sites that are geographically distributed, it is usually the 

case that communication by e-mail alone is... instructor-led training 
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is affected by the number of people that have to be trained, the complexity of the subject, 
and the availability and distribution of the people to be trained. 



Program & Project Management (214) 

Program and Project Management tools assist the management teams in their daily work. 
These tools... have to be managed. There is a significant cost involved in formal 
configuration management. If the system has a little over 100 modules, the Configuration 
Management component may consist merely of awhiteboard or Excel spreadsheet. As 
the 
104 

number of modules grows to about 1000, a dedicated tool is required. 

h...be integrated with an impact analysis tool set. Impact analysis is important in order to 
group changes so that they can be implemented effectively. 

Multiple changes may affect the same component and it would be wasteful to open that 

component many times over and implement the changes one at a time change 

requests in several different ways such as area affected, priority, estimated cost or 
authorization is important to ensure correct scheduling of the implementation of changes. 
Flexible, customized sorting and reporting based on this classification is required to 
ensure that change is handled in a timely manner. 

b) Should an Impact falling between the cracks. 

c) Does the toolprovidefteeformat description of changes? 

Free forinat descriptions are important because this allows better and more 
understandable documentation of change requests and associated decisions. 

d) Are there going to be multiple releases of the software? 

The tool should allocate change requests to different releases based... does not always 
guarantee their quality. In order to minimize the dependency of the final system on these 
components (thus reducing the impact of possible changes within the libraries), it is 
recommended that wrappers are written to enclose any third-party components. This way, 
if any changes are made to the.. .an integral part of the Application team. 

Audio 

The tools required for creating audio content depend on the quality required, and whether 
or not the content is original. For'sound bites' or pre-recorded audio, simple desktop 
audio editing applications are adequate. For high-quality original content, a professional 

recording studio it is possible to purchase re -usable content from agencies, usually 

delivered in the form of CD-ROMs. 

NOTE: Tools required to store and manage media content (and storage formats) are 
discussed in Tools - Information Management - Media Content Management 
Test (136) 

Testing applications (client/server or Netcentric) remains a complex task because. ..and 
correct the fault. Although it may be possible to automate this process, human 
intervention may be required to perform at least some of these management tasks. 



EVENT / DATA GENERATION (1314) 

Event/data generation interacts with all the managed components in the execution and 

development environments in order to obtain the data generation, event processing, 

and repositories components and then send data to the presentation or repositories 
components. Management applications tools include capacity planning tools, 
performance management tools, license management tools, remote management tools, 
systems monitoring tools, scheduling tools, help desk tools, etc.. Some Enterprise 
Management tools even poll the event/data generators for information but these 
options... monitoring of the system, before any incidents have been logged. 

Support thefunctions either centrally or on a distributed basis 

If the Incident, Request and Problem management ftinctions are to be centralized, these 
functions need to be able to control and monitor incidents and problems, but other 
functions should be able to. ..short period of time can result in significant financial losses 
to a clients business. 

Hardware Maintenance 

Hardware Maintenance maintains all of the components within a distributed system to 
protect the investment of the organization. Generally agreed upon in the SLAs, 
maintenance contracts are carried out, monitored and recorded for each asset... performed 
in off-hours or delayed to avoid contention for the printer during business hours. 

What are some limitations that may be encountered? 

In a distributed environment the sizing and routing of print traffic is more complex. 

With new systems being installed, only educated guesses about how and when printing 
will the print routing algorithms post-rollout to reflect the printing reality. 

Product Considerations 

What is the intended use of the tool? 

Controls report production and distribution form the moment the report is created to the 
time the printed report is dropped in the end-use s mailbox (electronic, paper, 

microfiche, etc the 

distribution process 

0 Notifies the service level management facility of any missed service 
commitments. 

0 Communicates with the documentation management facility to obtain the 
distribution information, media type and service level commitments. 

0 Communicates with the recovery management facility to delete reports that will be 
recreated. 



0 Communicates report volumes to the.. 
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Detailed Description: 

...system are selected to be delivered in the first phase in operation 41a. Further, in 
operation 41b, the remaining components are separated into primary and secondary 
components, in which the primary components must be installed before the secondary 
components in order for the secondary components to function properly. The primary 
components may also be selected to be delivered in the first phase in... current network 
framework to which each of the network products or services relate by indicia coding the 
components. 

In one example of operation 26, a first database is created in which selected services are 
compiled. See operation 56a of Figure 1 1 In operation 56b, a second database is created. 
The second... that allow users to 

communicate in a heterogeneous environment of Business I Product3 A secure, 
standards-based web server for accessing, 1.5 managing, and distributing information 
over the Internet, extranets, or 

intranets. Product3 supports Java servlet development and network 
caching of web pages. 

Product3 simplifies management of website environments 

through information such as user definitions, user profiles, network resource 

definitions, and configuration parameters. It employs naming, 
directory, and authentication protocols on top of a shared, distributed, 
object repository. Users and applications can use the directory to 
locate and access information from anywhere in the network. 

JavaWallet Java Electronic Commerce Framework (JECF transactions using any 



combination of currencies 
1 9 

and payment instruments such as credit and debit cards, electronic 
cash and checks, and smart cards. 

The initial component of the JECF is the JavaWallet, a client 

side application that will be distributed as a core component of the 

Java environment. JavaWallet will... Windows NT, PC or Apple Macintosh systems. 

It also provides centralized administration and control through a 
unified view. 

Product6 AdminSuite -- suite of tools for 
administering distributed systems and managing user accounts, 
hosts, groups, administrative data, printer, file system, disk and 
serial ports. 

Product5 j Software- browser-based graphical 
administration tool that. ..I -An application that 
utilizes both passive and active customer profiling capabilities 
to create targeted advertising, and to deliver personalized 
information for superior customer service. Content 
management tools are combined with application development 
tools to allow to host and deploy multiple sites. 

MerchantProductl - An online business-to 

consumer merchandising solution that... safe passage through the firewall for 
audio connections and operates as a reverse-proxy 
outside a firewall. 

Media Converter - compresses and converts 
different audio formats. 

Media Player - a plug-in needed to access 
audio files or a live feed from a Media Server. 

1.4 

28 

. 5 Business3 (www. business3. com) 

Business3 primarily provides Internet services for web users. It offers a variety of 
services including internet... librarian whose responsibilities include. 

0 Reviewing designs 

Packaging classes and components for reuse 

Managing maintenance and upgrades of common components (a strong 
relationship with Configuration Management team is required) 



Media Content Management 

The methods of handling media content are somewhat different from those 
surrounding more traditional development content such as code... eight key management 
processes. 

The core activity - systems building, depends strongly on support from the surrounding 
management processes, which all affect each other. 

a) Information Management manages the information that supports the entire project - 
information that is used both in systems building and in other management 
processes 

b) Security Management covers all areas of development security, ftom coding 1 0 
standards, to security verification. 

c) Quality Management pertains to all areas of the development environment d) Program 
and Project Management must manage all the management processes 

in addition to managing the systems buildingprocess 

e) Environment Management supports the environment where management 

1 5 processes are performed, and where systems are being built 

fi Release Management... between work in progress and completed documents that have 

been approved. This distinction can be supported by a folder structure 
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with carefully chosen access rights. 

This distinction makes it easy to retrieve a consistent copy of project 
documentation for someone who is new to the project. 

While scratch folders may... high quality. 

The arrival of Integrated Development Environments ODEs), has further simplified the 
automation of construction processes to the degree that a single tool can manage the 
majority of the process. 

As with Analysis and Design, usability must not be ignored in the construction of a 
system. Especially in the case nation of information is complete and correct. 

As automation progresses and an increasing number of business processes are supported 
by computer systems, system test is changing in nature. Firstly, the testing of interfaces 
to other systems is becoming an ever larger part of systems test. Secondly, system test 

increasingly applies to factors increase the value of automated testing tools, given that 

the Standards and Procedures System test relies heavily on configuration management, 
repository management, and quality management. 

" Configuration management provides the basis for promoting a 

configuration from the construction environment to the system test environment. As test 
cycles are run and fixes implemented, migration between system components. This is 



required to ensure that impact analyses are complete and correct, which, in turn, makes 
for effective regression testing. 

0 Quality management, together with well-defined standards and procedures, ensures 
that the outputs from each test activity are documented at the right level of detail and 

fed to the system test environment) 

Run test cycle 

Compare expected results and actual results 
Log System Investigation Requests (SIRs) 

Analyze deviations and identify components requiring change (either 

expected results, test-data, or system components) 

Define Change Requests (CRs) and perform impact analysis 

Package those change requests that affect the same areas and that naturally 

belong together, into change packages 

Schedule and staff the changes 

Unlock components for change 

Perform changes and refine impact analysis based on added understanding 

Verify changes before re- submitting to system test 

Migrate to system test based on updated impact analysis and re-lock 

components 

Implementation Considerations 

a) What model of testing does thefirmfollow? 

The following is an overview of the firm's testing. ..0 Quality Management tools 204 
support all quality management processes 

" Program and Project Management tools 214 assist the management 
teams in their daily work 

" Environment Management tools 206 provide the facilities to maintain the 
development environment 

0 Release Management tools 218 manages the simultaneous development of 
multiple releases 

* Configuration Management tools. ..apply the appropriate security controls accordingly. 

Is communication outside the local environment necessary? 
Is remote access required? 

If so, a gateway will be required to manage communication beyond the local 
environment. This will bring with it security implications, as the local environment will 
no longer be isolated. 

b) Do e- mail benefits of electronic mail and teamware materialize. 

For example, certain teamware databases require continuous maintenance in order to 
remain relevant. The management of the database contents may require significantly 
more work than either the initial installation of the tools or the technical support for the 

tools. This effort is frequently underestimated to setting guidelines for general usage, 

the project must designate mail administrators and knowledge managers who are 
responsible for. 



Maintaining user accounts 

Maintaining security profiles 

Managing database contents 

Removing obsolete information 

Managing resource usage (for example, disk space) 

Implementation Considerations 

a) What size is the project team? 

Teamware will generally only be effective when used within large system, interest 

will soon dwindle, and the system will no longer be of any value. 
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Group Schedulin (142) 

Group scheduling tools help to centrally manage the personal schedules of a group of 
people. This offers the advantage of being able to coordinate events that require the 
participation of ...of the total look and feel of the application. Change requests may also 
be rejected or deferred by an authorized person. 

d) Is coordination of changes required? 

Facilities to track interdependencies between change requests (for example, change 
request A must be completed before change request B can start) are provided 
by... implemented must also be a factor of project size and duration. 

The environment management requirements in this section are based upon the MODE 
(Management of Distributed Environments) conceptual framework. This section uses 
MODE as a framework, adopts MODE terminology, and focuses on those management 

tasks from MODE which are particularly important the Help Desk 

Tools to support the creation, management, and reporting of Service Level 
114 

Agreements (SLAs) and Operations Level Agreements (OLAs) 

0 Tools to manage and support the quality of the development environment 

Systems Management (126) 

Systems Management Tools support and manage the operation of the distributed system. 
Many specific monitoring and analysis tools are covered in detail in the. ..and managing 
change in the development environment. Specific tools are discussed in detail in the 
MODE Products Database on the Knowledge Xchange. 

Data and Software Distribution is a key tool in this category for development 
environments that have several developers. These tools enable automated distribution of 

data and software to the affected by the problem 

It is important to select an automated Problem Management system that is 
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integrated with the program's testing and Configuration Management tools. Therefore, 
the Problem Management system must be able to support the testing model selected, for 
example, the V-model, and have tight integration with the Migration and Version 
Control type of security is required for the Problem Management application. This is 



closely tied with the Configuration Management tools. Only one person should have the 
rights to review and approve problem analysis tasks as well as problem migration 
activities. 

Implementation Considerations 

a) How are problems handled at each stage? 

b) How. ..the impact of possible changes within the libraries), it is recommended that 
wrappers are written to enclose any third-party components. This way, if any changes are 
made to the internals of the components, only the wrappers would be affected, allowing 
the application and architecture code to remain unchanged. 

Frameworks may enhancements. 

c) Will the vendor guarantee consistency of all interfaces acrossfuture releases? The 
biggest danger in using packaged components is that the vendor will make changes to the 
component interfaces. When selecting packaged components make sure the vendor 
guarantees backwards compatibility of all the existing interfaces provided by the 
component. If.. .In the majority of Integrated Development Environments, the Compiler, 
Linker and/or Interpreter are included as an integral part of the system. In addition, the 
management of compilation and linking is automated using MAKE utilities which 
understand the dependencies between modules in the system. This allows the system to 
trigger all necessary re-compilation and re-linking when a module in the system is 
changed, thus avoiding the time consuming task of re-compiling and re-linking the entire 
system. 

Product Considerations 

a) Is the tool easy to use? 
The.. .system? 

b) What tools can be usedfor problem tracking? 

The RTP Tools Development team has documented their evaluation summaries of 
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the internal test plan management system. The following is a brief description of the 
product. To view more detailed information, follow this doclink to the RTP Tools 
Initiative document. 

The. ..should usually be avoided if possible. Were possible, the tool with the closest match 
should be purchased, and customized to meet the necessary requirements. 

Some additional considerations are outlined below. 

Central vs. Distributed Control 

The answer to this question may limit the selection of tools as not all tools are capable of 
controlling functions remotely. If control is centralized, technical expertise at distributed 
sites will not be necessary. This may, however, mean that a more complex, expensive 
tool is required. 



If control is distributed, technical expertise will be needed at remote sites, and there is 
the potential for problems with the interfaces between tools. 

Pla@fbrm Constraints 

Systems-based... generation, event processing, and repositories components and then send 
data to the presentation or repositories components. Management applications tools 
include capacity planning tools, peifon-nance management tools, license management 
tools, remote management tools, systems monitoring tools, scheduling tools, help desk 
tools, etc.. Some Enterprise Management tools even poll the event/data generators for 
information but these options. ..Incident Managemen 

Incident Management provides the interface between the users of the system and those 
operating and maintaining the system when an incident arises. Incident Management is 
responsible for. 

receiving incidents from users 

informing users of known work-around where possible 

0 ensuring that support personnel are working on an incident... with agreed upon SLAs. 
As part of this payment process Billing & Accounting reconciles bills from service 
providers against monitored costs and SLA/OLA violations. 

Systems Management Planning (1330) 
Cal2acily Modeling and Plannin 

Capacity Modeling & Planning ensures that adequate resources will be in place to meet 
the SLA requirements, keeping in mind.. .the print routing algorithms post-rollout to 
reflect the printing reality. 

Product Considerations 

What is the intended use of the tool? 

Controls report production and distribution form the moment the report is created to the 
time the printed report is dropped in the end-use s mailbox (electronic, paper, 

microfiche, etc the 

distribution process 

0 Notifies the service level management facility of any missed service 
commitments. 

0 Communicates with the documentation management facility to obtain the 
distribution information, media type and service level commitments. 

0 Communicates with the recovery management facility to delete reports that will be 
recreated. 

0 Communicates report volumes to the... 
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Detailed Description: 

...of the customer relationship management-related web application services in 

accordance with one 

embodiment of the present invention; 

Figure 24 is a flowchart illustrating the content management and publishing-related web 
application services in accordance with one embodiment of the present invention; Figure 
25 is a flowchart illustrating the education-related. ..is generated in operation 37. 
Operation 38 indicia codes a first component or components of the existing network 
framework in order to indicate that the first component is a primary component, as 
selected in operation 36b, which must be implemented first. Operation 39 indicia codes a 

second component and any remaining as determined in operation 36c, and must be 

implemented after the first component. For example, second components which should 
be provided only after other necessary first components are in place may be 
distinguished from the primary components by having indicia coding unique with respect 
to the indicia coding of the first.. .that allow users to 

communicate in a heterogeneous environment of Business I Product3 A secure, 
standards-based web server for accessing, 1.5 managing, and distributing information 
over the Internet, extranets, or 

intranets. Product3 supports Java servlet development and network 
caching of web pages. 

Product3 simplifies management of website environments 
through... Software Developer's Kit provides application 
programming interfaces that enable developers to directory-enable 
their applications. 

Business2 Proxy A system for caching and filtering web content, log analysis, Server 
and boosting network performance. 

Bussiness2 Calenda A calendar server that supports the scheduling of meetings, 

appointments, and resources for thousands of users.. .206 

The Release Management team 208 

The Configuration Management team 210 

The Problem Management team 212 

The Program and Project Management teams 214 

The Security Management team 216 



Together, these teams support the efforts of the System Building team, which is charged 
with the analysis, design, build, and test of the... a large project. Their utility greatly 
increases if they are managed appropriately. This management is based on easy-to- 
follow, easy-toenforce standards. 

Ob -ject Management 

The responsibilities involved with object management are very similar to those involved 
with repository management. However, in order to facilitate and promote reuse, it is 
recommended to have a librarian whose.. .and frequency of these operations is often 
greater than that of the execution environment). 

To ensure that this area receives the necessary attention, an Environment Management 
team 400 should be assigned these tasks. Figure 4 is an illustration showing the 
Environmental Management Team responsibilities. 

The Service Group 402 serves as a single point of contact for developers. It interfaces 
with the Architecture team to provide answers to.. .Both of these factors increase the value 
of automated testing tools, given that the Standards and Procedures System test relies 
heavily on configuration management, repository management, and quality 
management. 

0 Configuration management provides the basis for promoting a 

configuration from the construction environment to the system test environment. As test 

cycles are run and fixes implemented, migration can become complex, requiring flexible 

mechanisms for locking and unlocking system components and analyzing the impacts of 

change. 

0 Information management, and in particular repository management, 

guarantees a correct view of the interrelationships between system components. This is 

required to ensure that impact analyses are complete and correct, which, in turn and 

actual results 

0 Log System Investigation Requests (SIRs) 

* Analyze deviations and identify components requiring change (either 

expected results, test-data, or system components) 

Define Change Requests (CRs) and perform impact analysis 

Package those change requests that affect the same areas and that naturally 

belong together, into change packages 

Schedule and... testing, the system should be technically sound, and data flow throughout 
the system should be correct. Component and assembly testing ensures that all 
transactions, database updates, and conversation flows function accurately. 

Testing in later stages will concentrate on user requirements and business processes, 
including work flow. 

d) Are benefits being tested management components. 



* Information Management tools 202 manage the information that supports 
the entire project - information that is used both in systems building and in other 
management processes 

" Security Management tools 216 enable the development of security 
components 

0 Quality Management tools 204 support all quality management processes 
" Program and Project Management tools 214 assist... to send simple ASCII text, e-mail 
systems usually provide the capability to attach binary files to messages. E-mail is a 
convenient tool for distributing information to a group of people, as it has the advantage 
of delivering content directly to the 'mailbox' of each individual, rather than relying 
on. ..groups. Each of these groups is also assigned specific read/write/delete/modify 
authority. For example, the following groups may be defined as having increasing rights. 

Programmer 
Designer 
Technical support 
Repository administrator 

A le:s flexible alternative is to lock objects. A locked object cannot be changed until the 
repository administrator.. .or instructor-led training is affected by the number of people 
that have to be trained, the complexity of the subject, and the availability and 
distribution of the people to be trained. 

Program & Project Management (214) 

Program and Project Management tools assist the management teams in their daily work. 

These tools the number of objects, files, or components. The management of these 

items becomes increasingly difficult to manage and track during the development 
process. The Configuration Management tool provides structure for managing the 
objects, files, and components and reduces the risk of lost information caused by version 
problems, or by items not being migrated properly. 
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d...and is usually supported by the tools. 
Product Considerations 

a) Does the toolprovide capabilities to caterfor a system running on multiple 
pla@ forms or a distributed system? 

Ideally, the Version Control tool must be able to operate on all the platforms in use, 
whilst at the same time performing Version Control are implemented together. 

Hence impact analysis is important for scheduling purposes and for estimating cost. 

Product Considerations 

a) Does the toolprovide a capability to classify change requests? 

Change requests may occur as a consequence of changing requirements, or as a result of 
nonconformities (or defects) in the system. The tool should be able. ..and often must 
support projects at different stages of the development life cycle. 



As such, it is a mission-critical production environment and must be managed based 
upon an operations architecture. The extent to which the areas of the operations 

architecture are implemented must also be a factor of project size 0 Tools to manage 

and support the quality of the development environment 
Systems Managemen (126) 

Systems Management Tools support and manage the operation of the distributed system. 
Many specific monitoring and analysis tools are covered in detail in theNetwork 
Performance Management practice aid and the Technology Products and Vendors 
database, both... defines physical interfaces and locations for components. It is important 
for performance 1 5 reasons that communication between components is minimized, 
especially if they are distributed. 

Reuse Support 

It is during analysis and design that really large savings can be obtained by reusing 
existing solutions. At this stage, reuse is often. ..unchanged. 

Frameworks may be found on the market which provide generic components for general 

business processes such as general ledger, sales order processing, inventory 
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management or product distribution. For example, IBM San Francisco offers business 
components for the Java environment (see Error! Bookmark not defined.) 
Product Considerations 

a) Does the... human intervention may be required to perform at least some of these 
management tasks. 

EVENT / DATA GENERATION (1314) 

Event/data generation interacts with all the managed components in the execution and 
development environments in order to obtain the required management information. 

This component also interacts with the physical environment, managing hardware... 
...data generation, event processing, and repositories components and then send data to 
the presentation or repositories components. Management applications tools include 
capacity planning tools, performance management tools, license management tools, 
remote management tools, systems monitoring tools, scheduling tools, help desk tools, 
etc.. Some Enterprise Management tools even poll the event/data generators for 
information but these options... up a device after it has failed to those required in the event 
of a major disaster. With critical business applications being rolled out on distributed 
technologies, the recovery of these systems must be easy, quick and efficient. Loss of the 
system for even a short period of time can result in significant financial losses to a clients 
business. 

Hardware Maintenance 

Hardware Maintenance maintains all of the components within a distributed system to 
protect the investment of the organization. Generally agreed upon in the SLAs, 
maintenance contracts are carried out, monitored and recorded for each asset... 



...performed in off-hours or delayed to avoid contention for the printer during business 
hours. 

What are some limitations that may be encountered? 

In a distributed environment the sizing and routing of print traffic is more complex. 

With new systems being installed, only educated guesses about how and when printing 
will the print routing algorithms post-rollout to reflect the printing reality. 

Product Considerations 

What is the intended use of the tool? 

Controls report production and distribution form the moment the report is created to the 
time the printed report is dropped in the end-use s mailbox (electronic, paper, 
microfiche, etc... in the 
distribution process 

" Notifies the service level management facility of any missed service 
commitments. 

'6 Communicates with the documentation management facility to obtain the 
distribution information, media type and service level commitments. 

Communicates with the recovery management facility to delete reports that will be 
recreated. 

0 Communicates report volumes to the resource PCL, Postscript, etc..) and code 

translation. 

Any other specificJunctional requirements? 

Output management issues require leverage of existing print capability, local and remote 
printing, and distribution management through a software package or an equivalent 
alternative. 

File Transfer & Control 

File Transfer and Control initiates and monitors files being transferred throughout the 

system as for the startup or shutdown of the entire system (e.g., hardware, 

applications), or portions of the system depending upon the identified requirements. 
Within a distributed environment, the system includes both centralized and remote 
resources. 
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Implementation Considerations 

Will devices need to be shutdown /started remotely as well as be automatic e.g., 

databases should be started before applications) as well as defined service levels (e.g., 
one particular application is critical and must be started first), the order of startup / 
shutdown will be deten-nined. 



Are periodic re- boots required (e.g., to clean up memory)? 
If this is necessary, automatic... 



Claims: 

...j Recovery ion 

Product3roblem Management I - HC66-trolAssetM,=rnce Management Migration 
ControlEequlas=tMalnagementRolloutl310 I systems Man gement Management F 
License 133Administr6bon Management/Failure Control Billing anclAcouunting 
C2pQdty Modeling and planning BManagementl312 
Managementl340Databaseproduction Control implementing =oreRecovery 
Managementf Mass -Stonagemanagement Database... 
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English Abstract: 

The disclosure details a variety of steganographic encoding and decoding of auxiliary 
information in physical and media objects (16) in traditional distribution (14) to music 
media outlets (20). In particular, digital watermarks embeded in media content are used 
to initiate automated transactions associated with the content and to link creative 
content... 

Detailed Description: 

...following detailed description and accompanying drawings. 
Brief Description of the Dra@y@ 

Fig. I is a diagram showing the participants, and channels, involved in the distribution of 
music. 



Fig. 2 shows a conceptual model of how music artists, record labels, and E-Music 

distributors can all interact with a Media Asset Management System applicable to 

other source data, whether non-music audio, video, still imagery, printed materials, etc. 



1 0 Music Asset Management 

Referring to the figures, the music distribution process begins with a creative artist 10. 

The artist's music has traditionally been distributed by a record label 12. (While the 
following discussion refers to distribution through such a label, it should be understood 

that such distribution can 'ust record 

label intermediary.) 

In traditional distribution 14, the record label produces tangible media, such as records, 
ideos (e.g. music videos), and CDs 16. These media are physically distributed to end 
tapes, vi 1 1 1 

consumers 18. Additionally, the label 12 distributes the music media to outlets 20, such 
as radio and TV stations, cable and satellite systems, etc., which broadcast (or 
narrowcast) the artist's work to an audience. Distribution through such media outlets 
may be monitored by playout tracking services. Playout tracking data, collected by firms 
including Arbitron, Nielsen, ASCAP, BMI, etc., can be used to compute royalty 
payments, to verify broadcast (e.g. 

for advertising), etc. 

Increasingly, the distribution of the music to the media outlets is performed 
electronically. Such distribution first took the form of analog audio over highquality 
landlines or satellite channels. Digital audio quickly supplanted analog audio in such 
distribution channels due to higher fidelity. 

More recently, distribution of the music from the record labels to the media outlets has 
occurred over secure links, now including the internet. Such security was first provided 

simply by scrambling data. More sophisticated "container" -based systems are now 

coming into vogue, in which the audio is "packaged" (often in encrypted form) with 
ancillary data. 

Electronic distribution of music to the consumer is also gaining popularity, presently in 
the MP3 format primarily. The music providers may deal directly with the public, but 

more commonly foregoing channels. However, one of the greatest risks occurs once 

the music has been delivered to the consumer (whether by tangible media, by traditional 
broadcast media outlets, by emerging digital distribution, or otherwise). 

The general idea of embedding auxiliary data into music (i.e. waten-narking) has been 

widely proposed, but so far has been of for "tracking" is actively disclaimed. (Wired 

News, "GoodNoise Tags MP3 Files," 
February 3, 1999.) 

The Genuine Music Coalition - a partnership of various companies in the music 
distribution business - likewise has announced plans to employ watermarking of MP3 
music. 

The watermarking technology, to be provided by Liquid Audio, will convey data 
specifying the Termed the Secure Digital Music Initiative (SDMI), the program seeks 



to define a voluntary specification that will assure proper compensation to those who 
produce and distribute music. One ...date/proprietor. 

Additionally, the payload can include a digital object identifier - an ISBN-like number 
issued I 0 by a central organization (e.g. a rights management organization) to uniquely 
identify the work. 

Such payload data can be encoded literally (e.g. the title by a series of ASCII characters, 
etc.). In... watermark is a date field. This field can indicate either the date the music was 
watermarked, or a date in the future on which certain rights associated with the music 
should change. Some consumers, for example may not wish to purchase perpetual 
playback rights to certain musical selections. The right to play a selection for 6 
months... watermark, and refuse to make a copy if it is not detected as set. 

These three examples are but illustrations of many possible techniques for changing the 
rights associated with a work. Many other techniques are known. See, e.g., the proposals 
for watermark-based copy control systems for digital video at the... with time, there is not 
much after-market demand that could be served by illicit copies, making third party 
compilation of such material for re-distribution financially unattractive. First run ideo, 
and material that keeps a high value over time, would not be as well suited for such 
vi 

distribution, and could better employ.. .the MGA sites 5 corresponding to various boolean 
combinations of meta-tag parameters. 

Asset Management/Containers 

Much has been written on the topic of asset rights management. Sample patent 
documents include U.S. Patents 5,892,900, 5,715,403, 5,638,443, 5,634,012, 5,629,980 
and laid-open... 



Claims: 

...artist. 

29 The method of claim 26 in which the third group of bits represents usage restrictions 
to which audio appliances are responsive, thereby driving distribution of additional 
copies of the music data. - 45 

30 A media object clearinghouse system comprising: 

a media object clearinghouse operable to transfer a media object electronically; a 
watermark decoder in communication... 
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Detailed Description: 

...100. Models such as wholesale or retail purchase, pay-per-listen usage, subscription 
services, copy/no-copy restrictions, or redistribution could be implemented through the 
rights management of the Clearinghouse(s) 105 and the End-User Player Application 
195 copy protection features. 

The Secure Digital Content Electronic Distribution System 100 allows Electronic 
Digital Content Store(s) 103 and Intermediate Market Partners a great deal of flexibility 

in creating services that sell Content 113 metered so that they can receive appropriate 

compensation for the licensing of Content 113. 

H. CRYPTOGRAPHY CONCEPTS AND THEIR APPLICATION TO THE SECURE 
DIGITAL 

CONTENT ELECTRONIC DISTRIBUTION SYSTEM 

License Control in the Secure Digital Content Electronic Distribution System 100 is 
based on the use of cryptography. This section introduces basic cryptography 
technologies of the present invention. The use of public key encryption, symmetric key 
encryption, digital signatures, digital watermarks and digital certificates is known. 

A. Symmetric Algorithms 

In the Secure Digital Content Electronic Distribution System I 00 the Content 

Provider(s) 10 1 encrypts the content using symmetric algorithms. They are called 

symmetric algorithms because the same key is used to encrypt and The data sender 

and the message recipient must share the key. The shared key is referred to here as the 
symmetric key. The Secure Digital Content Electronic Distribution System 100 
architecture is independent of the specific symmetric algorithm selected for a particular 
implementation. 

Common symmetric algorithms are DES, RC2 and RC4. Both DES 56 460 113 85 19 

RC2 40 40 286888 
RC4 40 151 2377723 
RC4 40 151 2377723 

B. Public Key Algorithms 

In the Secure Digital Content Electronic Distribution System 100, symmetric keys and 
other small data pieces are encrypted using public keys. Public key algorithms use two 

keys. The two keys are mathematically 6 kilobits/second with a 512-bit modulus and 

7.4 kilobits/second with a 1024-bit modulus. 



C. Digital Signature 

In the Secure Digital Content Electronic Distribution System 100, the issuer of SC(s) 



protects the integrity of SC(s) by digitally signing it. In general, to create a digital 
signature of.. .the recovered one. If the message has not being altered during distribution, 
the calculated digest and recovered digest must be equal. 

In the Secure Digital Content Electronic Distribution System 100, since SC(s) contain 
several data parts, a digest is calculated for each part and a summary digest is calculated 

for the concatenated recipient of the message uses the entity's name from the 

certificate to decide whether or not to accept the message. 

In the Secure Digital Content Electronic Distribution System 1 00, every SC(s), except 
those issued by the End-User Device(s) 109, includes the certificate of the creator of the 

SC many End- User(s) do not bother to acquire a certificate or have certificates issued 

by non bona-fide Certification Authorities. In the Secure Digital Content Electronic 
Distribution System 100, the Clearinghouse(s) 105 has the option of issuing certificates 
to the Electronic Digital Content Store(s) 103. This allows the End-User Device(s) 109 to 
independently verify that the Electronic Digital Content Store(s) 103 have been 
authorized by the Secure Digital Content Electronic Distribution System 100. 

E, Guide To The SC(s) Graphical Representation 

This document uses a drawing to graphically represent SC(s) that shows encrypted parts, 

non symmetric key in this case). Another encrypted object, in this example a 

Transaction ID encrypted object 205 is shown. And Usage Conditions 206 for content 
licensing management as described below. The SC(s) 200 comprises Usage Conditions 
206, Transaction ID encrypted object 205, an Application ID encrypted object 207, and 

encrypted symmetric created and decrypted in this process overview is a general 

SC(s). It does not represent any of the specific SC(s) types used for rights management 
in the Secure Digital Content Electronic Distribution System 100. The process consists 
of the steps described in FIG. 3 for encryption process. 

Process Flow for Encryption Process of FIG. 3 
Sten Process... refers to the recipient's private key. 

418 Recipient uses the symmetric key to decrypt the encrypted content. This recovers the 
content. 

Hi. SECURE DIGITAL CONTENT ELECTRONIC DISTRIBUTION SYSTEM 
FLOW 

The Secure Electronic Digital Content Distribution System 100, consists of several 
components that are I 0 used by the different participants of the system. These 

participants include the Content Provider(s via End-User Device(s) 109 and the 

Clearinghouse(s) 105. A high level system flow is used as an overview of the Secure 
Digital Content Electronic Distribution System 100. This flow outlined below tracks 
Content as it flows throughout the System I 00. Additionally it outlines the steps used by 
the participants... User Device(s) 109. Upon the receipt the Content 1 13 is de-encrypted 
by the End-User Device(s) 109 using the Symmetric Key. 



IV. RIGHTS MANAGEMENT ARCHITECTURE MODEL 

A, Architecture Layer Functions 

FIG. 5 is a block diagram of the Rights Management Architecture of the Secure Digital 
Content Electronic Distribution System 100. Architecturally, four layers represent the 
Secure Digital Content Electronic Distribution System 100: the License Control Layer 
501, the Content Identification Layer 503, Content Usage Control Layer 505, and the 

Content Formatting Layer 507. The overall required that the output from one layer 

satisfies format and semantics acceptable to the adjacent layer. 

The License Control Layer 501 ensures that. 

the Digital Content is protected during distribution against illegal interception and 
tampering; the Content II 3 originates from a rightful content owner and is distributed 

by a licensed distributor, -e.g. 

Electronic Digital Content Store(s) 103; 

the Digital Content purchaser has a properly licensed application; 

the distributor is paid native representation in the content owner's facilities into a 

form that is consistent with the service features and distribution means of the Secure 
Digital Content Electronic Distribution System 100. The conversion processing may 
include compression encoding and its associated preprocessing, such as frequency 

equalization and amplitude dynamic adjustment. For Content II 3 13 also needs to be 

processed to achieve a format appropriate for playback or transfer to a portable device. 

B. Function Partitioning and Flows 

The Rights Management Architectural Model is shown in FIG. 5 and this illustrates the 
mapping of the architectural layers to the operating components making up the Secure 
Digital Content Electronic Distribution System 1 00 and the key functions in each layer. 

1 . Content Formatting Layer 507 

The general functions associated with the Content Formatting Layer 507 its 

transmission time. Any compression algorithm appropriate for the type of Content 113 
and transmission medium can be used in the Secure Digital Content Electronic 
Distribution System 100. For music, MPEG V2/4, Dolby AC-2 and AC-3, Sony 
Adaptive Transform Coding (ATRAC), and low-bit rate algorithms are some of the 
typically used... Transaction 541 and the License Authorization 543 are complete and 
authentic, that the Electronic Digital Content Store(s) 103 has authorization from the 
Secure Digital Content Electronic Distribution System 100 for the sale of electronic 
Content 1 13, and that the End-User(s) has a properly licensed application. 
Audit/Reporting 545 allows the generation of reports and the sharing of licensing 
transaction information with other authorized parties in the Secure Electronic Digital 
Content Distribution System 100 License control is implemented through SC 
Processing 533. SC(s) are used to distribute encrypted Content 113 and information 
among the system operation components (more about the SC(s) detailed structure 

sections below). A SC is cryptographic carrier of information that from reputable 

Certificate Authorities that are used to authenticate those components. The End-User 



Device(s) 109 are not required to have digital certificates. 



C. Content Distribution and Licensing Control 

FIG. 6 is a block diagram illustrating an overview of the Content Distribution and 

Licensing Control as it applies to the License Control Layer of FIG. 5. The figure depicts 
the case in which the Electronic Digital Content... each Content 1 13 object, the Metadata 
SC(s) 620 also carries the Store Usage Conditions 519 associated with the Content Usage 
Control Layer 505. 

The Content Provider(s) 101 distributes the Metadata SC(s) 620 to one or more 
Electronic Digital Content Store(s) 103 (step 601) and the Content SC(s) 630 to one... 
...End-User Device(s) 109, the Clearinghouse(s) 105 verifies. 

1 . that the Electronic Digital Content Store(s) 103 has authorization ftom the Secure 
Digital Content Electronic Distribution System 1 00 (exists in the Database 160 of the 
Clearinghouse(s) 105); 

2. that the Order SC(s) 650 has not been altered; 
...was used to enciypt the enciypted part. 

If the SC(s) does not contain any encrypted parts, then there is no Key Description part. 
B. Rights Management Language Syntax and Semantics 

The Rights Management Language consists of parameters that can be assigned values to 
define restrictions on the use of the Content I 1 3 by an End-User.. .Key 623 bit string that 
was used to encrypt the part. 

VIL CLEARINGHOUSE(S) 105 
A. Overview 

The Clearinghouse(s) 105 is responsible for the rights management functions of the 
Secure Digital Content Electronic Distribution System 100. Clearinghouse(s) 105 
functions include enablement of Electronic Digital Content Store(s) 103, verification of 
rights to Content 113, integrity and authenticity validation of the buying transaction and 
related information,. distribution of Content encryption keys or Symmetric Keys 623 to 
End-User Device(s) 109, tracking the distribution of those keys, and reporting of 
transaction summaries to Electronic. ..Content Store(s) Embodiment 
An Electronic Digital Content Store(s) 103 that wants to participate as a seller of Content 
113 in the Secure Digital Content Electronic Distribution System 100 makes a request 
to one or more of the Digital Content Provider(s) 101 that provide Content 1 1 3 to the 
Secure Digital Content Electronic Distribution System 1 00. There is no definitive 
process for making the request so long as the two parties come to an agreement. After the 

digital s) 105 is contacted, usually via E-mail, with a request that the Electronic 

Digital Content Store(s) 103 be added to the Secure Digital Content Electronic 
Distribution System 100. The digital content label provides the name of the Electronic 
Digital Content Store(s) 103 and any other information that may be required for the 

Clearinghouse(s) 105 End-User Device(s) 109 verifies that the Electronic Digital 

Content Store(s) 103 is a valid distributor of Content 1 13 on the Secure Digital Content 



Electronic Distribution System 100 by first checking the digital certificate revocation 
list and then using the Public Key 621 of the Clearinghouse(s) 105 to verify the 

information in the digital 660 it determines whether a new revocation list is included 

and if so, the local revocation list on the End-User Device(s) 109 is updated. 

B. Rights Management Processing 
Order SC(s) Analysis 

The Clearinghouse(s) 105 receives an Order SC(s) 650 from an End-User(s) after the 

End-User(s Transaction and Offer SC(s) 641 digital signatures also indirectly verifies 

that the Electronic Digital Content Store(s) 103 is authorized by the Secure Digital 
Content Electronic Distribution System 100. This is based on the fact that the 
Clearinghouse(s) 105 is the issuer of the certificates. 

Alternately, the Clearinghouse(s) ...SC(s) 660 to the End-User Device(s) 109. The 
Electronic Digital Content Store(s) 103 is also expected to participate in managing the 
distribution of Content 1 13 to various countries by performing the same checks as the 
Clearinghouse(s) 105. The Clearinghouse(s) 105 does whatever checking that it can 
in.. .Content 113 purchase transactions and report request transactions. The information 
can be used for a variety of puiposes such as audits of the Secure Digital Content 
Electronic Distribution System 100, generation of reports, and data mining. 

The Clearinghouse(s) 105 also maintains account balances in Billing Subsystem 182 for 
the Electronic Digital Content... Store(s) 103 so that the Electronic Digital Content 
Store(s) 103 can charge the End-User(s)' credit card. 

G, Retransmissions 

The Secure Digital Content Electronic Distribution System 100 provides the ability to 
handle retransmissions of Content 1 13. This is typically performed by a Customer 

Service Interface 194. Electronic Digital Content Store User(s) for the purchase of the 

Content 1 1 3. 

VH1. CONTENT PROVIDER 
A. Overview 

The Content Provider(s) 101 in the Secure Digital Content Electronic Distribution 
System 100 is the digital content label or the entity who owns the rights to the Content 1 1 
3. The role of the Content Provider(s) 101 is to prepare the Content I 1 3 for distribution 
and make information about the Content 113 available to Electronic I 0 Digital Content 

Store(s) 103 or retailers of the downloadable electronic that the Content 1 13 is secure 

when it leaves the Content Provider(s)' 101 domain and never exposed or accessible by 
unauthorized parties. This allows Content 113 to be freely distributed throughout a non- 
secure network, such as the Internet, without fear of exposure to hackers or unauthorized 
parties. 

The end goal of the tools for Content 1 13 and information and calls the SC(s) Packer 

to pack into SC(s). 



Content Dispersement Tool (not shown) - Disperses SC(s) to designated distribution 
centers, such as Content Hosting Sitc(s) III and Electronic Digital Content Store(s) 103. 

Content Promotions Web Site 156 - stores Metadata SC(s) 620 and optionally... song file 
remain available until after Content Quality Control Process 810. 

II. Encryption Process 811 

The Encryption Process 811 calls the appropriate Secure Digital Content Electronic 
Distribution Rights Management function to encrypt each of the watermarked/encoded 
song files. This process has no dependencies other than completion of all other audio 
processing. Upon completion... of media, such as several audio- CDS, can be queued up 
so as to enable the Automatic Metadata Acquisition Tool to create a series of Content 
1 13 for electronic distribution. For example, all the Content 113 could be created from 
a series of CDS or even selected tracks from one or more CDS examined by the Content 
Provider(s) I... design and layout of this site or can choose to use a turnkey web server 
solution provided as part of the toolkit for Secure Digital Content Electronic 
Distribution System I 00. To implement their own design for this service, the Content 
Provider(s) 1 0 1 need only provide links to the Metadata SC(s) 620 for Electronic Digital 
Content Store(s) 103 who access their site. This is accomplished using the toolkit for the 
Secure Digital Content Electronic Distribution System 100. The selection process and 
what information is shown is the discretion of the Content Provider! s) 101 . 

Metadata SC(s) 620 received into titles, such as CDS, movies and games every year, 

adding to the tens of thousands of content titles that are currently available. The Secure 
Digital Content Electronic Distribution System 100 is designed to support all of the 
content titles available in stores today. 

The numbers of content titles that the Secure Digital Content Electronic Distribution 

System 100 may eventually download to customers on a daily basis is in the thousands or 
tens of thousands. For a large number of titles, this requires a large amount of bandwidth. 
The computer disk space and bandwidth needs call for a distributed, scalable 
implementation with multiple Content Hosting Site(s) 111. The system also supports 
customers all over the world. This requires overseas sites to speed delivery to the global 
customers. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 is 
designed to allow the Content Provider(s) 1 01 to either host their own Content 1 13 or 
share a common facility or a set of facilities. 

Content hosting on the Secure Digital Content Electronic Distribution System 100 
consists of multiple Content Hosting Site(s) 111 that collectively contain all of the 
Content 113 offered by the Secure Digital Content Electronic Distribution System 
100 and several Secondary Content Sites (not shown) that contain the current hot hits 
offered bythe Content Provider(s) 101. Thenumber of Content Hosting Site(s) III changes 

dependingon the Should the Content Provider(s) 101 choose to host all of their 

Content 1 13 in their own system, they can act as a single Content Hosting Site 111 with 



or without additional Secondary Content Sites. This allows them to build their own 
scalable distributed system. In another embodiment, Electronic Digital Content Store(s) 
103 can also act as Content Hosting Site(s) III for certain Content 1 1 3... may be 
redirected to another Content Hosting Site(s) 111. 

2. Content Hosting Site(s) 111 provided by the Secure Digital Content Electronic 
Distribution System I 00 For the Secure Digital Content Electronic Distribution 

System I 00 the decision of which site should be used to download the Content 1 13 is 
made by the primary content site that received this decision. 

Are there secondary content sites that host the Content 113 requested? (The majority of 
Content 113 offered by the Secure Digital Content Electronic Distribution System I 00 
is only located at primary sites); Where is the End-User Device(s) 109 geographically 
located? (This information can be obtained from to download the Content 113. 

Secondary Content Sites 

The Secondaiy Content Sites (not shown) host the popular Content 1 13 of the Secure 
Digital Content Distribution System 100. These sites are geographically dispersed 
across the world and are located near Network Access Points (NAPs) to improve 

download times. These sites are Store(s) 103 are essentially the retailers. They are the 

entities who market the Content I 1 3 to be distributed to the customer. For distribution 
of Content 113, this would include Digital Content Retailing Web Sites, Digital 
Content Retail Stores, or any business who wishes to get involved in marketing... 
...Store(s) 103 is accomplished via a set of tools developed for the Electronic Digital 
Content Store(s) 103 as part of the Secure Digital Content Electronic Distribution 
System I 00. 

These tools are used by the Electronic Digital Content Store(s) 103 to. 

acquire the Metadata SC(s) 620 packaged by the... variant between the broadcast based 
service offering and the point-to-point interactive web service type offering. 

1 5 

B. Point- to-Point Electronic Digital Content Distribution Service 

Point-to-Point primarily means a one-to-one interactive service between the Electronic 

Digital Content Store(s) 103 and the End-User Device is a block diagram illustrating 

the major tools, components and processes of an Electronic Digital Content Store(s) 103. 

1 . Integration Requirements 

The Secure Digital Content Electronic Distribution System 100 not only creates new 
online businesses but provides a method for existing businesses to integrate the sale of 

downloadable electronic Content 1 13 to and can be largely automated and is executed 

only to integrate new Content 113 into the site. 

The tools for the Secure Digital Content Electronic Distribution have been designed to 
allow integration of sale of electronic downloadable Content 113 into typical 



implementations of web based Electronic Digital Content Store(s) 103 establishes 

customer loyalty with its customers and continues to offer its own incentives and market 
its products as it does today. In the Secure Digital Content Electronic Distribution 
System I 00, it would simply need to indicate which products in its inventory are also 

available for electronic download and allow its customers to I 0 downloads. It simply 

passes the required information and all processing from that point on is handled by the 
toolset for the Secure Digital Content Electronic Distribution System 100. In another 
embodiment, other methods of transaction handling are also possible using tools for the 
Secure Digital Content Electronic Distribution System 100 to handle the financial 
settlement should the Electronic Digital Content Store(s) 103 wish to sell downloadable 
merchandise only or to segregate the. ..to retain a cross reference of the Content 1 13 being 
offered to this Product ID to properly interface with the tools for the Secure Digital 
Content Electronic Distribution System I 00. Providing this information here, allows the 
Electronic Digital Content Store(s) 103 to integrate this product or Content 113 into its 
inventory... only used by the Electronic Digital Content Store(s) 103 as input to his web 
service database is removed from the Metadata SC(s) 620. Rights management 
information provided by the Content Provider(s) 101, such as watermarking instructions, 
encrypted Symmetric Keys 623, and Usage Conditions 517 defining the permitted uses 
of.. .new Content 113 has been placed in the Content Promotions Web Site 156. 

None of these notifications are a required step in the Secure Digital Content Electronic 
Distribution System flows I 00 but are provided as options to allow the Electronic 

Digital Content Store(s) 103 the opportunity to close its records on is an optional 

process which is available to help the Electronic Digital Content Store(s) 103 feel 
comfortable with the accounting for the Secure Digital Content Electronic Distribution 
System 100. 

In another embodiment, this tool can be updated to provide electronic funds transfers for 

automated periodic payments to the Content Provider(s) 101 payments upon reception 

of an electronic bill from the Clearinghouse(s) 105 after reconciling the bill against the 
Transaction Log 178. 

C. Broadcast Electronic Digital Content Distribution Service 
Broadcast primarily refers to a one to many transmission method where there is no 
personal interaction between the End-User Device(s) 109 and 1 13 as well as prepare 
SC(s) is also used by a satellite based Electronic Digital Content Store(s) 103 to manage 
and prepare Content 113 for distribution on a broadcast infrastructure. The SC(s) 
distributed over a Web service are the same as those distributed over a broadcast service. 

X. END-USER DEVICE(S) 109 

The applications in the End-User Device(s) 109 for the Secure Digital Content 
Electronic Distribution System 100 perform two main functions: first the SC(s) 
processing and copy control; and second playback of encrypted Content 113. Whether the 

End-User to the downloadable objects, the End-User(s) may have a combination of 

physical and electronic downloadable merchandise in his shopping cart. The Secure 
Digital Content Electronic Distribution End-User Device(s) 109 are not involved until 



after the End-User(s) checks out and submits his final purchase authorization to the 
Electronic... of times. 

Until such time as the copy control standards are more stable, alternative methods of 
copy control have been provided in the Secure Digital Content Electronic Distribution 
System 100 so that it does not rely on the copy control watermark in order to provide 
rights management in the consumer device. Storage and p lay/record usage conditions 
security is implemented utilizing encrypted DC Library Collections 196 that are tied to 

the algorithm. Thus use of widely accepted and proven industry standard algorithms 

can be used thus further enhancing Digital Content Industry acceptance of the Secure 
Digital Content Electronic Distribution System 100. 

The second purpose of this Deciyption and Re- Encryption 194 process is to remove the 

requirement that the original master encryption Key 623 encrypt the Content II 3 is 

used for any associated metadata needing to be encrypted. 

D. The Player Application 195 
1. Overview 

The Secure Digital Content Electronic Distribution Player Application 195 (referred to 
here as the Player Application 195) is analogous to both a CD, DVD or other Digital 
Content player and to. ..as handle requests for information about the stored songs. 

6. Inter-application Communication Components 1508 

These components are used for coordination between the Secure Digital Content 
Electronic Distribution Player and other applications (e.g., Browser, helper-app and/or 
plug-in, etc) that may invoke the Player Application 195, or that the Player... by the Player 
Application 195. A typical audio enthusiast has a library of CDS holding songs. All of 
these are available within the Secure Digital Content Electronic Distribution System 
100. The set of songs that have been purchased from Electronic Digital Content Store(s) 
103 are stored within a Digital Content Library 196... 
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English Abstract: 



The present inventions provide an integrated, modular array of administrative and support 
services for electronic commerce and electronic rights and transaction management. 
These administrative and support services supply a secure foundation for conducting 
financial management, rights management, certificate authority, rules clearing, usage 
clearing, secure directory services, and other transaction related capabilities functioning 
over a vast electronic network such as the Internet and... 

Detailed Description: 

TRUSTED INFRASTRUCTURE SUPPORT SYSTEMS, 

METHODS AND TECHNIQUES FOR 

SECURE ELECTRONIC COMMERCE, ELECTRONIC 

TRANSACTIONS, COMMERCE PROCESS CONTROL 

AND AUTOMATION, DISTRIBUTED COMPUTING, AND 

RIGHTS MANAGEMENT 

Field of the Inventions 

These inventions generally relate to optimally bringing the 
efficiencies of modem computing and networking to the 

I 0 administration and support interactions and 

consequences and ftirther relate to a secure architecture enabling 
distributed, trusted administration for electronic commerce. 

These inventions relate, in more detail, to a "Distributed 
Commerce Utility" - a foundation for the administration and 
1 5 support of electronic commerce and other electronic interaction and 
relationship environments. 

In still more detail... sound recordings, still 

images, software computer programs, data), and to many 

types of electronic control processes, require secure, 



6 

flexible and widely interoperable mechanisms for 
managing their rights and administering their business 
models, including collecting, when desired, payments 
and relevant usage information for various uses of their 
content. 

All parties require infrastructure support above-referenced Ginter, et al. patent 

specification 

describes technology providing unique, powerful capabilities 
instrumental to the development of secure, distributed transaction 
based electronic commerce and rights management. This 
technology can enable many important, new business models and 
business practices on the part of electronic commerce participants 

while also supporting existing business models et al. specification describes 

comprehensive 

overall systems and wide arrays of methods, techniques, structures 

and arrangements that enable secure, efficient distributed 

7 

electronic commerce and rights management on the Internet (and 
Intranets), within companies large and small, in the living room, 
and in the home office. Such techniques, systems and 
arrangements bring about an unparalleled degree of security, 
reliability, efficiency and flexibility to electronic commerce and 
electronic rights management. 

The Ginter, et al. patent specification also describes an 
"Information Utility" - a network of support and administrative 

services, facilities and installations that grease the wheels Features and Advantages of 

the 

Present Inventions 

The present inventions provide an integrated, modular array 
of administrative and support services for electronic commerce 
and electronic rights and transaction management. These 
administrative and support services supply a secure foundation for 
conducting financial management, rights management, certificate 
authority, rules clearing, usage clearing, secure directory services, 
and other transaction related capabilities functioning over a vast 
I 0 electronic network such as the to competitive business realities. 

The present inventions provide a "Distributed Commerce 
Utility" having a secure, programmable, distributed architecture 
that provides administrative and support services. The Distributed 
Commerce Utility can make optimally efficient use of commerce 
administration resources, and can scale in a practical fashion to 
accommodate the demands of electronic commerce... with 



I 0 varying degrees of distribution. 

The comprehensive "Distributed Commerce Utility" 
provided by the present invention. 

9 Enables practical and efficient electronic commerce and 
rights management. 

15 9 Provides services that securely administer and support 
electronic interactions and consequences. 

9 Provides infrastructure for electronic commerce and 

other forms of human... reuse), as appropriate, local, centralized, and 

1 5 networked resources. As a result, the Distributed 

Commerce Utility optimally enables practical and 

efficient electronic commerce and rights management 

models that can amortize resource maintenance costs 

through common usage of the same, or overlapping, 

resource base. 

One or more Distributed Commerce Utility commerce 
models... service volume. 

The Distributed Commerce Utility technologies 
provided by the present inventions provide a set of 
secure, distributed support and administrative 
services for electronic commerce, rights management, 
and distributed computing and process control. 

The Distributed Commerce Utility support services 
including highly secure and sophisticated technical 

and/or contractual services, may be invoked.. .automated, distributed, secure process 
administration and control, 

o Virtual Distribution Environment chain-of-handling and 
control, and 

o rights administration and usage (e.g., event) management 

29 

(e.g., auditing, control, rights fulfillment, etc.), across 
and/or within electronic networks, including 
4 Cunconnected," virtually connected, or periodically 
connected networks. 

The Commerce Utility Systems may govern electronic process consideration 

(including service fees, product fees or any 
other fees and/or charges) based at least in part on 
content, process control (event) and/or rights 



management, 

performing audit, billing, payment fulfillment (or 
provision of other consideration) and/or other clearing 
activities, 

compiling, aggregating, using and/or providing 
information relating to use. ..of how disaggregation can be 
implemented within a financial clearinghouse context; 
Figure 25 shows a value chain disaggregation example that 
also details compensation to the Distributed Commerce Utility; 
Figure 26 shows an example value chain (payment) 
disaggregation to any number of payees; 

Figure 27 shows an additional example of how value.. .400a, and at least some certifying 

functions 500a. This type of overall electronic 

Commerce Utility System 90A might, for example, 

be in the business of managing and granting rights on 

behalf of rights holders and in handling payments 

based on those rights. 

The Commerce Utility System 90D 'ust to the right of 
installation 90 A... transactions being 

managed, and a variety of other factors. Delegation of clearing 
authority may be partial (e.g., delegate usage aggregation but not 
financial or rights management responsibilities), and may be 
consistent with peer-to-peer processing (e.g., by placing some 
functions within consumers' electronic appliances while keeping 
some more important... Utility Systems 90, 
1 5 including. 

Information Consumers (including for example, 
people who make use of the information "exhaust" 
generated by electronic commerce, electronic 
transaction management and rights management 

activities); 

Content Rightsholders and other Electronic 
Providers; 

Participants in the broadest range of secure, 
distributed electronic commerce transactions.; 
82 

U3AIIP-jU3A3 'z) ...creation and processing, 

market research, 

negotiation, 

* control set database management, 
87 

e control set generation, 
e process control logic, 

* event flow generation, 



e routing, 

* archiving, 

* rights and permissions database management. 

o template database management, 

o commerce management language processing, 

o rights management language processing, 

o advertising database management, 

e automatic class generation, 

o automatic class assignment, 

o notary, 

0 seal generator, 
88 

e digital time stamp, 

* fingerprint... other 

consideration including service fees, product fees 
and/or any other fees or charges based at least in part 
on content, process control, and/or rights 
management use. 

e Supporting wide use of micro-fees and micro 
payments at least in part based on content, process 

control, and/or other usage transactions... disclosed in this specification fundamentally 

1 0 transform pass-along from a clear threat to an important 
opportunity. Because of the unique, automated, secure electronic 
management of value chain rights provided by the ...puenqlu2 XiluDijuLuolnu 001 
soomildde 

Z9ZVI/96Sfl/JLJd ISCOT/96 OM 

clearinghouse 300(1) is to collect and analyze information relating 

to the usage of the content 166 directly distributed by creator 164, 

and that another usage clearinghouse 300(2) is to collect and 

analyze usage information pertaining to the usage of the work 166... countervailing 

interests by offering consumer 95 a financial 

incentive for more full disclosure but giving the consumer a 

choice. 

In this example, rights holder 164 distributes electronic 
content and associated controls to consumer 95. The controls may 
specify options for revealing usage information. The consumer 
I 0 may choose. 

to pay full price... protected digital 
properties) to be used and not used, and any 
consequences of such use and/or misuse. 

Providing VIDE supported capabilities to distribute 
and manage rights and business rules (including pre 



approved and other permissions) along an ad hoc 
electronic value chain, where such rights and business 
rules are persistently supported... of, for 
example, mixed iconic, positional, flow diagram, and 
textual information, and wherein rules and controls are 
implemented, for example, through the use of a rights 
management language, and wherein, for example, 
elements or higher level representation of such elements 
of the rights language may directly correspond to 
graphical representation components. 

Multiple.. .417, 
Replication 418, 
Registration 419, and 
Propagation 420. 

0 The rights and permissions clearinghouse 400's primary task 
of object registration is performed by database management 412. 

In this connection, rights and permissions clearinghouse 400 may 

receive control sets 188 and corresponding ...for the task of distributing (via distribution 

function 

410) all permissions relating to a particular property. Since 
permissions and/or prices may expire or change, rights and 
178 
sets. 

Rights and permissions clearinghouse 400 may also provide 
a reporting function 417, issuing reports 406 pertaining to the 

permissions and/or prices it has issued or... have received the shared secret in the first 
place), the shared secret alone might be adequate to receive, for 
example, a permission that replaces or updates an expired 
permission. 

Rights and permissions clearinghouse 400 also includes a 
permission negotiation engine 416 that may be used to negotiate 
permissions 188 that haven't been pre-approved.. .It may be possible in this 
example for a user to avoid using templates 450 altogether and 
instead define permissions 188 in terms of a rights management 
language (for example, a natural or computer-based language) 
but a large percentage of users will prefer the easy-to-use graphics 
interface that templates... with a mouse pointing device to fill in the 
options desired). In another example, a rights holder could define 
his or her preferences using a rights management language that a 
computer could automatically compile or otherwise process to fill 
189 



in rights template 450 and/or construct associated control set(s) 

18 8... associated with certain rules and 

192 

controls allowing certain electronic activities such as 
usage of content and/or control processes in, for 
example, multiparty EDI, content distribution, trading 
system, and/or financial transaction systems. 

Generating ...and/or 

authenticating steps in distributed proprietary 
information, EDI, financial transaction, and/or trading 
system value chain activities that very substantially 
improves security for distributed rights management, 
wherein such security can meet or exceed the security 
available with centralized, online commerce models. 

0 May manage at least a portion of the transactions. ..transmit 
the container 152 to the next system (Figure 58D, block 6012). 

The next system may be an additional security checkpoint system 
6000 that performs additional processing (Figure 58D, blocks 
6016,60041600696008). 

EXAMPLES 

Example - Electronic Content Distribution Value Chain 

Figure 59 shows how example Distributed Commerce 

Utility 75 can be used to support an example electronic content 

1 5 distribution value chain 162. In the Figure 59 example, an author 
164 may create a valuable work, such as a novel, television 

program, musical composition, or... report might contain a list of objects registered at 

the rights and permissions clearinghouse 400 by a particular 

publisher, the number of requests to the rights and permissions 

clearinghouse for updated or additional rights and permissions, 

financial clearinghouse 200 summary revenue numbers for each 

digital property, the number of certificates by the certifying 

authority 500 on behalf of the... open the secure 

container 152(9), debit the lawyer's credit card account, and pay 

the appropriate provider accounts their due. 

The CompAny 

Preliminary to content transactions, a distributed corporate 

1 5 financial clearinghouse 200A within the company 95(3), while 

operating under the authority of the financial clearinghouse 200, 

sends to each of... efficiency requirements as 

commerce in intangibles (e.g., digital information). For tile 

computer to become a true commerce appliance, a distributed, 



I 0 secure, trusted rights/event management software layer (e.g., 
rights operating system or middleware) such as the Virtual 
Distribution Environment described in the Ginter et al. 

specification is a necessity. Thus, even when tangibles rather.. .to a smart card or the like). 

Media player 104 has a protected processing environment 

154 such as a secure processing unit for use in managing rights 

and manipulating the electronic containers. The storage media 

1 5 might also be played by a personal computer 124 equipped with a 

protected processing environment and a network connection. 

Set top box 104 may be controlled by electronic controls 
distributed on the media and/or via the back channel. The controls 
require the set top box 104 to record customer usage and payment 
information for each property the... type of 
information can be very useful to advertisers and marketers. 

Disney may also operate a rights and permissions 
clearinghouse 400. Even though permissions are distributed on 
the optical media in this example, the rights and permissions 
clearinghouse can provide supplemental control sets for various 
reasons. For example, the control sets distributed on the media 
may expire on a certain date. Rights and permissions 
I 0 clearinghouse 400 may issue new control sets in lieu of the 
expired ones. Rights... 



Claims: 

1 An electronic commerce and/or rights management system for 
performing at least one clearing operation, the system comprising :a first electronic 

appliance (I 00),5 a second electronic appliance (I 00'), and the clearing operation, 

andthe second electronic appliance (100') performs at least asecond part of the clearing 
operation. 

2 An electronic commerce and/or rights management system as in 

5 claim I further characterized in that the first part of the clearing operation includes at 
least one micropayment aggregation task, and the second part ofthe clearing operation 
includes at least one payment settlement task. 

3 An electronic commerce and/or rights management system as ill 

claim I further characterized in that that the first electronic appliance (100) comprises a 
consumer appliance, and the second electronic appliance (I 00') isinstalled, at least in 
part, within a clearing institution. 

4 An electronic commerce and/or rights management system as in 

claim I further characterized in that at least the first electronic appliance (I 00)includes a 
protected processing environment (I 54). 



5 An electronic commerce and/or rights management system as in 

claim I further characterized in that the first part of the clearing operationcomprises a 
usage metering task (I 16). 

6 An electronic commerce and/or rights management system as in 

claim I further characterized in that the first part of the clearing operation comprises at 
least one task conditioned on a digital certificate (504).325claim I further characterized in 
that the first part of the clearing operationcomprises at least one rights management 
task. 

8 An electronic commerce and/or rights management system as in 

claim I further characterized in that the first part of the clearing operationcomprises at 
least one electronic currency management task. 

9 An electronic commerce and/or rights management system as in 

claim I further characterized in that most of the clearing operation isperformed by the 
first appliance (I 00). I 0 1 0. An electronic commerce and/or rights management system 
as inclaim I further characterized in that most of the clearing operation isperformed by 
the second appliance (I 00'),I 1. An electronic commerce and/or rights management 
system as inclaim I further characterized in that the system further includes a third 1 5 

electronic appliance (I 00") coupled to at least I 00') through the network (I 50), the 

thirdelectronic appliance performing a third part of the clearing operation. 

12 An electronic commerce and/or rights management system as in 

claim I further characterized in that each of the first and second appliances (I 00, 1 00') 
are capable of performing any... of said operations may be distributed indifferent ways 
between the first and second appliances (I 00., I 00'). 

13 An electronic commerce and/or rights management system as in 

claim I further characterized in that the electronic network (I 50) couples the first and 
second electronic appliances (I 00, 1 00') to a commerce utility system web. 

14 An electronic commerce and/or rights management system as in 

claim I further characterized in that an electronic rights holder canelectronically choose 

between the first electronic appliance (I 00) and the in that the first and second 

electronic appliances(I 00, 1 00') work together to perform overall transaction clearing. 

16 An electronic commerce and/or rights management system as in 

claim I further characterized in that each of the first and second appliances (I 00, 1 00') 

performs each of: at least certifying authority operation, at least one transaction 

authority operation, and at least one secure directory services operation. I 0 17. An 
electronic commerce and/or rights management system as inclaim I further 
characterized in that the first electronic appliance (I 00) comprises a hierarchy of plural 
commerce utility systems (90(1),... 90(n)). 

18 An electronic commerce and/or rights management system as in 

claim I further characterized in that the first electronic appliance (100) isl 5 organization- 
specific. 

19 An electronic commerce and/or rights management system as in 

claim I further characterized in that the first electronic appliance (I 00) isvertically 
specialized. 

20 An electronic commerce and/or rights management system as in 

claim I further characterized in that the first electronic appliance (100) is specialized by 
territory and/or jurisdiction.2 1. An electronic commerce and/or rights management 



system as inclaim I further characterized in that the first and second electronic 
appliances(I 00, 1 00') communicate and coordinate as peers and in a hierarchy. 

22 An electronic commerce and/or rights management system as in 

claim I further characterized in that that clearing operation includesprocessing payment 
related information, and performing at least one payment related transaction. 

23 An electronic commerce and/or rights management system as in 

claim I further characterized in that that clearing operation includesprocessing usage 
related information and performing at least one usagereporting action. 327claim I further 
characterized in that that clearing operation includes receiving at least one request, and 
performing at least one associated rights management transaction. 

25 An electronic commerce and/or rights management system as in 

claim I further characterized in that that clearing operation includes issuing atleast one 
digital certificate. 

26 An electronic commerce and/or rights management system as in 

claim I further characterized in that that clearing operation includes securelyl 0 providing 
directory information. 

27 An electronic commerce and/or rights management system as in 

claim I further characterized in that that clearing operation includesperforming at least 
one process management transaction. 

28 An electronic commerce and/or rights management system as in 

5 claim I whether the first and second parts of the clearing operation support one another. 

29 An electronic commerce and/or rights management system as in 

claim I wherein at least one of the first and second electronic appliances (100, 1 00') 

includes a rights operating system that securely and separately supplied by 

saidclearinghouse arrangement and at least one third party digitalinformation 
rightsholder. 

2 A method for creating a cooperative, distributed rights management 
commercial arrangement, wherein said method comprises the steps ofa. Establishing 
plural commerce service arrangements for theperformance of system services comprising 
two or more. ..users and/or end-userinstallations; andc. Enabling a digital information 
rightsholder and/or said end-usercertificate issuer to at least in part manage usage rights 
related tocertain digital information as a result of said rightsholderand/or saidend-user 
certificate issuer associating one or more said rightsholderand/or... said digital infori- 
nation and/or said container to said at least one additional party. 338AMENDED SHEET 
(ARTICLE 19)b. Establishing a programmed hierarchical rights 
managementrelationship between plural of said distributed commerce appliances 
and/orusers of said distributed commerce appliances; andc. Separately producing, at least 
in part in... the steps of. a. Establishing distributed commerce nodes;339AMENDED 
SHEET (ARTICLE 19)b. Establishing a trusted commerce utility system to at least in 
partmanage use rights related to resources available at one or more of saiddistributed 
commerce nodes;c. Establishing use rights information to at least in part govern use... 
...otherwise communicate one or more currency objects. 340 AMENDED SHIEET 
(ARTICLE 19). A method for supporting payment settlement related, at least in part, to 
electronically rights managed electronic commerce, said method comprising the steps 
ofa. Enabling a financial clearinghouse employing at least one protectedprocessing 
environment to securely receive payment related... processing environment at said 



clearinghouse, at least a portion of said payment related information including governing 
payment fulfillment at least in part based upon electronic rightsmanagement control 
information processed ; andd. Securely communicating payment fulfillment information 
to at leastone of (1) a payment fulfillment organization, and (2) an intended 
recipient... and controls securely and separately supplied by at least one third party digital 
information rightsholder, and said local store of information. 157. A cooperative, 
distributed rights management commercial system forproviding plural system services 
for use by digital information rightshoiders, saidsystem comprising :plural commerce 
service arrangements for the performance of system... users and/or end-user installations, 
andmeans for enabling said digital information rightsholder and/or said first end user to at 
least in part manage usage rights related to certain dialtal information as a result of said 
rightsholder and/or said first end-user associating one or more said end-user 
issued... communications network for communicating at least in partsecured digital 
information provided by a first commercial party to a second commercial party different 
from said first commercial partN a distributedelectronic security checkpoint system 
comprising: at least one checkpoint electronic switch for at least in part receiving said 
secured digital information, and for interacting with. ..of end-user commerce 
appliances. 174. A hierarchical commerce infrastructure comprising:plural trusted, 
distributed commerce appliances having associated users: means for establishing a 
programmed hierarchical rights managementrelationship between said plural distributed 
commerce appliances and/or said usersof said distributed commerce appliances; 
andmeans for separately producing, at least in part... servicing at least one of said end-user 
commerce nodes. 176. A virtual computer comprising:a trusted commerce utility system 
for at least in part managing userights related to resources available at plural distributed 
commerce nodes,means for establishing use rights information to at least in part 

governuse of physical and ability to deliver or otherwise communicate one or more 

currencv objects. 178. A system for supporting payment settlement related, at least in 
part, to electronically rights managed electronic commerce, said system including plural 
distributed electronic commerce nodes located at remote end-user sites, saidsystem 

comprising:at least one financial clearinghouse including aportion of said payment 

related information, said processing including atleast in part governing payment 
fulfillment information at least in partbased upon electronic rights management control 
information processed.372AMENDED SHEET (ARITICLE 1 9)wherein the 
communications arrangement securely communicates paymentfulfillment related 
information to at least one of (l...said rules securely and separateiv supplied by said 
clearinghouse facility and said at least one third party digital information 
rightsholder. 197. In a cooperative, distributed rights management commercial 
systemincluding at least one value chain participant node, said system providing plural 
system services for use by digital information rightshoiders, a commerce service... part, on 
control information provided by a second party different from said first 
party.381 AMENDED SHEET (ARTICLE 1 9). An electronic commerce and/or rights 
management system forperforming at least one clearing operation, the system 
comprising:a first electronic appliance (I 00),a second electronic appliance (I 00'), 

andan clearing operation, andthe second electronic appliance (I 00') performs at least 

a second part of the clearing operation. 204. An electronic commerce and/or rights 
management system as inclaim 203 further characterized in that the first part of the 



clearing operation includes at least one micropayment aggregation task, and the second 
part of the clearing operation includes at least one payment settlement task.205. An 
electronic commerce and/or rights management system as inclaim 203 further 
characterized in that that the first electronic appliance (I 00) ...consumer appliance, and 
the second electronic appliance (I 00') is installed, at least in part, within a clearing 
institution.206. An electronic commerce and/or rights management system as inclaim 
203 further characterized in that at least the first electronic appliance (I 00) includes a 
protected processing environment (1 54).207. An electronic commerce and/or rights 
management system as inclaim 203 further characterized in that the first part of the 
clearing operation382AMENDED SHEET (ARTiCLE 19)comprises a usage metering 
task (I 16). 208. An electronic commerce and/or rights management system as inclaim 
203 further characterized in that the first part of the clearing operation comprises at least 
one task conditioned on a digital certificate (504).209. An electronic commerce and/or 
rights management system as inclaim 203 further characterized in that the first part of 
the clearing operation comprises at least one rights management task.2 1 0. An 
electronic commerce and/or rights management system as inclaim 203 further 
characterized in that the first part of the clearing operation comprises at least one 
electronic currency management task.2 1 1. An electronic commerce and/or rights 
management system as inclaim 203 further characterized in that most of the clearing 
operation is performed by the first appliance (I 00).212. An electronic commerce and/or 
rights management system as inclaim 203 further characterized in that most of the 
clearing operation is performed by the second appliance (100').213. An electronic 
commerce and/or rights management system, as inclaim 203 further characterized in 
that the system further includes a third electronic appliance (I 00") coupled to at least one 

of I 00') through the network (I 50), the third electronic appliance performing a third 

part of the clearing operation.214. An electronic commerce and/or rights management 
system as in383AMENDED SHEET (ARTICLE 19)claim 203 further characterized in 

that each of the first and second appliances (I 00, 1 00 of said operations may be 

distributed in different ways between the first and second appliances (I 00, 1 00').215. An 
electronic commerce and/or rights management system as inclaim 203 further 
characterized in that the electronic network (I 50) couples the first and second electronic 
appliances (I 00, 1 00') to a commerce utility system web.216. An electronic commerce 
and/or rights management system as inclaim 203 further characterized in that an 
electronic rights holder canelectronically choose between the first electronic appliance 
(100) and the second electronic appliance (100'). 217. An electronic commerce and/or 
rights management system as inclaim 203 further characterized in that the first and 
second electronic appliances (I 00, 1 00') work together to perform overall transaction 
clearing. 218. An electronic commerce and/or rights management system as inclaim 203 
further characterized in that each of the first and second appliances (100, 100') performs 

each of. at least one financial least one certifying authority operation, at least one 

transaction authority operation, and at least one secure directory services operation.219. 
An electronic commerce and/or rights management system as in384AMENDED 
S14EET (ARTICLE 19)claim 203 further characterized in that the first electronic 
appliance (I 00) comprises a hierarchy of plural commerce utility systems (90(1),... 
90(n)).220. An electronic commerce and/or rights management system as inclaim 203 
further characterized in that the first electronic appliance (I 00) is organization- 



specific.22 1. An electronic commerce and/or rights management system as inclaim 203 
further characterized in that the first electronic appliance (I 00) is vertically 
specialized.222. An electronic commerce and/or rights management system as inclaim 
203 further characterized in that the first electronic appliance (I 00) is specialized by 
territory and/or jurisdiction.223. An electronic commerce and/or rights management 
system as inclaim 203 further characterized in that the first and second electronic 
appliances (I 00. 1 00') communicate and coordinate as peers and in a hierarchy.224. An 
electronic commerce and/or rights management system as inclaim 203 further 
characterized in that that clearing operation includes processingpayment related 
information, and performing at least one payment relatedtransaction.225. An electronic 
commerce and/or rights management system as inclaim 203 further characterized in that 
that clearing operation includes processing usage related information and performing at 
least one usage reporting action.226. An electronic commerce and/or rights 
management system as in385AMENDED SHEET (ARTICLE 19)claim 203 further 
characterized in that that clearing operation includes receiving at least one request, and 
performing at least one associated rights management transaction. 227. An electronic 
commerce and/or rights management system as inclaim 203 further characterized in that 
that clearing operation includes issuing at least one digital certificate.228. An electronic 
commerce and/or rights management system as inclaim 203 further characterized in that 
that clearing operation includes securely providing directory information. 229. An 
electronic commerce and/or rights management system as inclaim 203 further 
characterized in that that clearing operation includes performing at least one process 
management transaction. 230. An electronic commerce and/or rights management 
system as inclaim 203 whether the first and second parts of the clearing operation support 
one another.23 1. An electronic commerce and/or rights management system as inclaim 
203 wherein at least one of the first and second electronic appliances (I 00, 100') includes 
a rights operating system that... 
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Detailed Description: 

...both "translations" of VDE electronic 
agreements elements into modern language printed 
agreement elements (such as English language 
agreements) and translations of electronic rights 
protection/transaction management modem 
- 116 



agreement elements. This feature requires 
maintaining a library of textual language that 
corresponds to VDE load modules and/or methods 

and/or component support the use of multiple VDE secure subsystems 

in a single VDE installation. Various security 
and/or performance advantages may be realized by 
employing a distributed VDE design within a single 
VDE installation. For example, designing a 
hardware based VDE secure subsystem into an 
electronic appliance VDE display device, and 
designing. ..that failed to make 
payments and/or report usage information to a 

- 121 

content provider might find that their budget for 

creating permissions records to distribute the 

content provider's content to users, and/or a security 

budget limiting one or more other aspect of their use 

of the provider's content, ...are used to cany out VDE managed 

transaction related processing. These triggered 

methods include independently (separably) and 

- 126 

securely processable component billing management 
methods, budgeting management methods, metering 
management methods, and related auditing 
management processes. As a result of this feature of 
the present invention, independent triggering of 
metering, auditing, billing, and budgeting methods, 
the present invention is able to efficiexitly, 
concurrently support multiple financial currencies 
(e.g. dollars, marks, yen) and content related 
budgets, and/or billing increments as well as verv 
flexible content distribution models. 

support, complete, modular separation of the control 
structures related to (1) content event triggering, (2) 
auditing, (3) budgeting (includiner specifying ...available 
remotely by telecommunication means). Required methods 
(methods listed as required for property and/or appliance use) 
must be available as specified if VDE controlled content (such as 
intellectual property distributed within a VDE content container) 
is to be used. Methods that control content may apply to a 

plurality of VDE container ob ects, such as a class or other... or she will allow to be 
reported and/or a financial 

clearinghouse establishing certain criteria for use of its credit for 
payment for use of distributed content) can be confident that 
their contributed and accepted control information will be 



enforced (within the security limitations of a given VDE security 

implementation design). This can determine, 

for example. 

(1) How and/or to whom electronic content can be 
ided, for example, how an electro 

provi iuc property 
can be distributed; 

(2) How one or more objects and/or properties, or 
portions of an object or property, can be directly 

used, such as decrypted, displayed, printed.. .to support the 
various underlying agreements between parties that comprise 
this extended agreement. These agreements can define 
important electronic commerce considerations including. 

(1) security, 

(2) content use control, including electronic distribution, 

(3) privacy (regarding, for example, information 
concerning parties described by medical, credit, tax, 
personal, and/or of other forms of confidential 
information), 

(4) management of...44A-44C show an example of a 'reciprocal" 
AUDIT method; 

FIGURES 45-48 show examples of several methods being 
used together to control release of content or other information; 
FIGURES 49, 49A-49F show an example OPEN method; 
FIGURES 50, 5OA-50F show an example of a READ 
method; 

FIGURES 51... this invention. Following 

this overview is a more technical 'detail description' of example 
embodiments in accordance with the invention. 

Overview 

Figure 1 shows a 'Virtual Distribution Environment" 
(NDE") 100 that may be provided in accordance with this 
invention. In Figure 1, an information utilit 200 connects to 
communications means 202 such. ..you can think of can be 
supported by virtual distribution environment 100. A few of 
many examples of transactions that can be supported by virtual 
distribution environment 100 include. 
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suollousuva,L e:@ioddnS SjjjTqTx9jd HC[A 
.-IO.IJU03 pue j3uTIpuuqjo =Tp, 

oruoipaja XIalaldwoo e saM!l-IDPJ OOT juauiuoitAua... Figure 1 also shows a 
publishing house 214. Publishing 



house 214 may act as a distributor for an author 206. The 
publishing house 214 may distribute rigrlits to use "content" (such 
as computer software, electronic newspapers, the video produced 
by publishing house 214, audio, or any other data) to consumers 

such as office 210. The from the content they 

apply to provides great advantages. 

Use rights distributed by publishing house 214 may, for 
example, permit office 210 to make and distribute copies of the 
content to its employees. Office 210 may act as a redistributor by 
extending a 'chain of handling and control" to its employees. 

The office 210 may... themselves are not delivered electronically by information utility 
200 over lines 202, they are still part of the virtual distribution 
environment 100. The electronic storage media may be used to 
distribute content, "rules and controls,' or other information. 

169 

Example of What's Inside Information Utility 200 

"Information utility" 200 in Figure 1 can be a collection to participants within 

information utility 200. A "report 

receiver" 200e may receive reports such as usage reports from 
content users. A "permissioning agent" 200f may distribute 
"rules and controls" granting usage or distribution permissions 
based on a profile of a consumer's credit worthiness, for example. 

- 170 

An administrator 200h may provide information that keeps the 

virtual distribution 100 operating properly. A 

content and message storage 200g may store information for use 
by participants within or outside of information utility 200. 

Example of Distributing Content' Using A Chain of Handling 
and Control' 

As explained above, virtual distribution enviromment 100 
can be used to manage almost any sort of transaction. One type 
of important transaction that virtual distribution environment 
100 may be used to manage is the distribution or communication 
of 'content" or other important information. Figure 2 more 
abstractly shows a "model" of how the Figure 1 Virtual 
distribution environment 100 may be used to provide a "chain of 
handling and control" for distributing content. Each of the 
blocks in Figure 2 may correspond to one or more of the VDE 
participants shown in Figure 1. 



In the Figure 2 example, a VDE content creato 102 



creates 'conten ." The content creator 102 may also specify 
"rules and controls" for distributinLr the content. These 
distribution-related "rules and controls' can specify who has 
permission to distnibute the rights to ...an electronic hiLrhwa 108 (or 
by some other path such as an optical disk sent by a delivery 
service such as U. S. mail). The content can be distributed over 
the same or different path used to send the "rules and controls.' 
The distributor 106 generates her own "rules and controls" that 
relate to These 

usage-related "rules and controls' must be consistent with the 
'rules and controls" specified by content creator 102. 

Arrow 110 shows the distributor 106 distributing rights to 
use the content by sending the content's 'rules and controls" to a 
conten use 1 12 such as a consumer. The content user 1 12 uses 
the content in... shown in Figure 2 may grant specific individuals or 
classes of content users 1 12 "permission" to use certain content. 

They may specify what kinds of content usage are permitted, and 
what kinds are not. They may specify how content usage is to be 

paid for and how much it costs. As participants. "Rules and controls" provide 

information and 

mechanisms that may establish interdependencies and 
relationships between the participants. "Rules and controls" are 
flexible, and permit "virtual distribution environment' 100 to 
support most 'traditional' business transactions. For example. 

"Rules and controls' may specify which financial 
clearinghouse(s) 116 may process payments, 

'Rules and example, a content user 112 generally can't change 'n@des and 

controls" SIDecified by a distributor 106 that require the user to 
pay for content usage at a certain rate. 'Rules and controls' may 
"persist" as they pass through a 'chain of handling and control," 
and may be "inherited" as just as 

retail stores 'mark up" the wholesale pnice of goods. Figure 2A 
shows an example in which certain "rules and controls" persist 
unchanged from content creator 102 to content user 1 12; other 
"rules and controls' are modified or deleted by distributor 106; 
and still other "rules and controls" are added bv the distributor. 

"Rules s privacy by limiting the information that is reported to 
other VDE participants. As one example, 'rules and controls" 
can cause content usage information to be reported anonymously 
without revealing content user identity, or it can reveal only 
certain information to certain participants (for example, 
information derived revealed to allows the 



privacy rights of 0 VDE participants to be protected. 

- 176 

Rules and Contents' Can Be Separately Delivered 
As mentioned above, virtual distribution environment 100 
"associates" content with corresponding "rules and controls," and 
prevents the content from being used or accessed unless a set of 
corresponding 'rules and controls' is available. The distributor 
106 doesn't need to deliver content to control the content's 
distribution. The preferred embodiment can securely protect 
content by protecting corresponding, usage enabling "rules and 
controls" against unauthorized distribution and use. 

In some examples, "rules and controls' may travel with the 
content they apply to. Virtual distribution environment 100 also 
allows "rules and controls' to be delivered separately from 
content. Since no one can use or access protected content 

without 'permission" from the highway. Content 

may be used at the time it is delivered, or it may be stored for 
later use or reuse. 

- 177 

The virtual distribution environment 100 also allows 
payment and reporting means to be delivered separately. For 
example, the content user 1 12 may have a virtual "credit card" 
that that happen 

('events") and determines which of those "events" need action by 
the other "processes." The "events' may include, for example, a 
request to use content or generate a usage permission. Some 
events may need additional processing, and others may not. 

Whether an "event" needs more processing depends on the "rules. ..novel (so the purchase 
price can be charged to the 

user), and treat all later requests to open the same novel as 
'insignificant events." Other content (for example, searching an 
electronic telephone directory) may require the user to pay a fee 
for each access. 

"Meter" process 404 keeps track of events such limits. 

Content may be supplied to the user once these processes 
have been successfully performed. 

Containers and Objects' 

Figure 5A shows how the virtual distribution environment 
100, in a preferred embodiment, may package information 



elements (content) into a 'containe " 302 so the information can't 
be accessed except as provided... can distnibute the object, 
and what other control mechanisms must be active. For 
example, permissions record 808 may specify a user's rights to 
use, distribute and/or administer the container 302 and its 
content. Permissions record 808 may also specify requirements 
to be applied by the budgets 308 and "other... printer 622; 
broadcast reception 624; 
a document scanner 626; and 

a "cable" 628 connecting the appliance with a 'network." 
Virtual distribution environment 100 provides a ' rights 
operating system" 602 that manages appliance 600 and SPU 500 
by controlling their hardware resources. The operating system 
602 may also support at least one "application" 608. Generally, 
"application" 608. ..or "happenings" within appliance 600. 

- 189 

In this example, some of the services performed by "rights 
operating system functions' 604 may be extended based on 
additional "components' delivered to operating system 602. 

'Rights operating system finictions' 604 can collect together and 
use 'components' sent by different participants at different 
times. The... information 

before storing it in secondary storage 652. If information is 

- 192 

encrypted before it is stored, physical access to secondary storage 
652 or its contents does not readily reveal or compromise the 
information. 

Secondary storage 652 in this example stores code and 
data used by CPU 654 and/or SPU 500 to control the overall 
operation of electronic appliance... SPU 500 and a CPU 654. Integration 
may also provide wider distribution if an integrated SPU/CPU 
component is a standard feature of a widely distributed 
microprocessor line. Merging an SPU 500 into a main CPU 654 
of an electronic appliance 600 (or into another appliance or 
appliance peripheral microcomputer or other microcontroller) 
may substantially reduce the overhead cost of... electronic appliance 
secondary memory 652 may be, for example, an instance of ROS 
602 software, application programs 608, objects 300 containing 
201 

VDE controlled property content and related information, and 

management database 610 that stores both information 

associated with objects and VDE control information. ROS 602 

includes software intended for execution... information would have to be replaced by a 



VDE 

clearinghouse, administrator and/or distributor, as may be 

appropriate. This may be achieved by remotely downloading 

update and/or replacement data and/or code. In the event of a 

disabling and/or destruction of processes and/or information as 

described above, the... storage 652) with CPU 654 or other elements of an electronic 

appliance 600 may be the most cost effective way to store VDE 

secure database management files 610 and information that 

needs to be stored external to SPU 500. A host svstem hard disk 

secondary memory 652 used for general purpose... CROS") 602. 

Rights Operating System 602 

Rights Operating System ("ROS') 602 in the preferred 

embodiment is a compact, secure, event-driven, services-based, 

"component" oriented, distributed multiprocessing operating 

system environment that integrates VDE information security 

control information, components and protocols with traditional 

operating system concepts. Like traditional operating systems, 

ROS 602. ..and dedicated component 

drivers for 'low end' set tops are a few of many examples 

can be integrated in traditional and real time operating 

systems 

Distributed 

provides distribution of control information and reciprocal 
control information and mechanisms 

supports conditional execution ...different techniques than a very large 
appliance with high levels of usage by many users. This is 
another aspect of scalability. 

ROS 602 provides a distributed processing environment. 

For example, it permits information and control structures to 
automatically, securely pass between sites as required to fulfill a 
user's requests. Communications... user, user/user, user/creator, 
user/creator/distributor, etc.) Reciprocal control mechanisms 
have many uses in VDE 100 in representing relationships and 
agreements in a distributed environment. 

ROS 602 is scalable. Many portions of ROS 602 control 
structures and kernel(s) are easily portable to various host 
platforms without recompilation. Any.. .control path that uses 
content creator structures to meter user activities; and 
structures created/ovirned by a financial provider to handle 
financial parts of a content distribution transaction (e.g., 
defining a credit budget that must be present in a control 
structure to establish creditworthiness, audit processes which 



must be performed by... dynamically assemble independently deliverable 
components at execution time based on particular objects and 
users provides a high degree of flexibility, and facilitates or 
enables a distributed database, processing, and execution 
enviro=ent. 

One aspect of an advantage of the component-based 

architecture prol@lded by ROS 602 relates to the ability... provides an array of 
configuration options using existing 

operating system components. ROS 602 also communicates with 
external services through the RPC 'interface to seamlessly 
'de distributed and/or remote processing. In smaller scale 
prov-1 

instances of ROS 602, a simpler message passing IPC protocol 

may be used to conserve resources. ..encrypted, protected form to the object switch for 
incorporation 

into the object. Such information provided by SPE 503 may 
-332 

include, in addition to enciypted content or other information, 
one or more PERCs 808, one or more method cores 1000', one or 
more load modules 1 100, one or more data structures.. .and/or memory 
manager 5 718) 'swap out" of the execution space any or all of the 
tasks that are currently active, and "swap in" additional or 
different tasks. 

SPE tasking managed by task manager 576 may be either 

single tasking- (meaning- that only one task may be active at a... may be used to allow 
data structure 

sharing between processes. To implement this "two-phase 
commit" process, each swap block may contain page addresses for 
additional memorv blocks that will be used to store changed 
information. A change page is a local copy of a piece of a data 
element that... 



Claims: 

1 A rights management appliance including: 

a user input device,a user display device,at least one processor, andat least one element 
defining a protected processingenvironment,characten'zed in that the protected processing 
environmentstores and uses permissions, methods, keys, programs and/orother 
information to electronically manage rights. 

2 In a rights management appliance including: 

a user input device,a user display device,at least one processor, andat least one element 
defining a protected processingenvironment,a method of operating the appliance 
characterized by thestep of storing and using permissions, methods, keys, programsand/or 



other information to electronically manage rights. 

3 A rights management appliance including at least one 

processor element at least in part defining a protected processing- 995 environment, 
characterized in that the protected processingenvironment stores and uses permissions, 
methods, keys,programs and/or other information to electronically managerights. 

4 In a rights management appliance including at least one 

processor element at least in part defining a protected processingenvironment, a method 
comprising storing and usingpermissions, methods, keys, programs and/or other 
informationto electronically manage rights. 

5 An electronic appliance arrangement containing atleast 

one secure processing unit and at least one secure databaseoperatively connected to at 
least one of said ...storing and securely processing protected modular 
componentappliance usage control information with said integrated secureprocessing 
unit. 

1 1 A method of compromising a distributed electronic rights 

management system comprising plural nodes having protectedprocessing environments, 
characterized by the following steps:(a) exposing a certification private key,(b) passing at 

least one challenge key exposed by the exposing step,(c) creating a processing 

environment based at least inpart on steps (a) and (b), andparticipating in distributed 
rights management using theprocessing environment created by step (c). - 998 . A 
processing environment for compromising a distributedelectronic rights management 
system comprising plural nodeshaving protected processing environments, characterized 
by thefollowing:protocol passing means including an exposed certificationprivate key for 

passing at least defeating an initialization challenge/response security, and/or (b) 

exposing external communication keys, andmeans coupled to the security detecting 
means forparticipating in distributed rights management. 

13 A method of compromising a distributed electronic rights 

management system comprising plural nodes having associatedprotected processing 
environments, characterized by the steps of. compromising the permissions record of an 
electroniccontainer, andusing the compromised permissions record to access and/oruse 
electronic information. 

14 A system for compromising a distributed electronic rights 

management system comprising plural nodes having associatedprotected processing 
environments, characterized by means for- 999 using a compromised permissions record 
of an electroniccontainer for accessing... 
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...enable a user to securely extract, through the use of 
the secure subsystem at the user's VDE installation, 
at least a portion of the content included within a 
VDE content container to produce a new, secure 
object (content container), such that the extracted 
information is maintained in a continually secure 
manner through the extraction process. Formation 

of the new VDE container containing such g. when at least a portion may 

be used, or what portion or quantity of 
portions may be used); 

(b) allow a user to combine additional content 

with at least a portion of said extracted 
content, such as material authored by the 
extractor and/or content (for example, images, 
video, audio, and/or text) extracted from one or 
more other VDE.. .apply differing control information 
sets to various of such portions based upon said 
portions original control information requirements 
before aggregation. Each of such embedded VDE 
content containers may have its own control 
information in the form of one or more permissions 
records. Alternatively, a negotiation between control 

information associated with various differing metering, 

budgeting, billing and/or payment models. For 
example, content usage payment may be 
automatically made, either through a clearinghouse, 
or directly,, to different content providers for diSerent 
potions. 

enable flexible metering of, or other collection of 
information related to, use of electronic content 
and/or electronic appliances. A feature of the 
present invention enables such flexibility of metering 
control mechanisms to accommodate a simultaneous, 
broad array of (a) dfferent parameters related to 
electronic information content use; (b) different 
increment units (bytes, documents, properties, 
paragraphs, images, etc.) and/or other organizations 
of such electronic content; and/or (c) different 
-94 

categories can be employed for content 

security, usage analysis (for example, market 
surveying), and/or compensation based upon the use 
and/or exposure to VDE managed content. Such 



metering is a flexible basis for ensuring payment for 
content royalties, licensing, purchasing, and/or 
advertising. A feature of the present invention 
provides for... invention's 
trusted/secure, universe wide, distributed 
transaction control and admini tration svstem. 

These components support VDE related: object 
creation (including placing control information on 
content), secure object distribution and management 
(including distribution control information, financial 
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related, and other usage analysis), client internal 
VDE activities arlmini tration and control, security 

management, user interfaces series to 

control information submitted by the client 
admini trator. At a clearinghouse, one or more VDE 
installations may operate together with a trusted 
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distributed database environment (which may 
include concurrent database processing means). A 
financial clearinghouse normally receives at its 
location securely delivered content usage 

information, and user requests. ..provider of original property content 

or appliance, or an agent for such provider (other 

than a clearinghouse). Payment information may be 

packaged in said VDE content container with, or 

without, related content usage information, such as 

metering information. An aspect of the present 

invention further enables certain information 

- 104 

regarding currency use to be specified as unavailable be required to securely 

access "conditionally" anonymous information). 

Currency and credit information, under the 
preferred embodiment of the present invention, is 
treated as admini trative content; 
support fingerprinting (also known as 
waterniarking) for embedding in content such that 
when content protected under the present invention 

is released in clear form from VDE 

container content and/or control information, 
potential copyright violators may be deterred from 
unauthorized extraction or copying. Fingerprinting 
normally is embedded into unencrypted electronic 
content or control information, though it can be 



embedded into encrypted content and later placed in 
unencrypted content in a secure VDE installation 
sub-system as the content 
- 106 

can be re-encrypted for tran mi sion. Embedding 
identification information of the intended recipient 
user and/or VDE installation into content as it 
leaves, for example, an Internet repository, would 
provide important information that would identify or 
assist in identifying any party that managed to 

compromise information identifying a receiving party and/or VDE 

installation can be embedded into a VDE object 
before, or during, decryption, replication, or 
communication of VDE content objects to receivers. 

Fingerprinting electronic content before it is 
encrypted for transfer to a customer or other user 

provides information that can be very useful... support both "tran lations" of VDE 
electronic 

agreements elements into modern language printed 
agreement elements (such as English language 
-110 

agreements) and translations of electronic rights 
protection/transaction management modem 
language agreement elements to electronic VDE 
agreement elements. This feature requires 
maintainin a library of textual language that 

corresponds to VDE load modules and... support the use of multiple VDE secure 
subsystems 

in a single VDE installation. Various security and/or 
performance advantages may be realized by 
employing a distributed VDE design within a single 
VDE installation. For example, designing a 
hardware based VDE secure subsystem into an 
electronic appliance VDE display device, and 
designing... distributor that failed to make payments 
and/or report usage information to a content 
provider might find that their budget for creating 
permissions records to distribute the content 
provider's content to users, and/or a security budget 
-115 

limiting one or more other aspect of their use of the 

provider's content, are not being... and are used to carry out VDE managed transaction 
related processing. These triggered methods include 
independently ( separably) and securely processable 
component billing management methods, budgeting 



management methods, metering management 
methods, and related auditing management 
processes. As a result of this feature of the present 
invention, independent triggering of metering, 
auditing, billing, and budgeting methods, the 

resent invention is able concurrently 

P 

support multiple financial currencies (e.g. dollars, 
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marks, yen) and content related budgets, and/or 
billing increments as well as very flexible content 
distribution models. 

support, complete, modular separation of the control 

structures related to (1) content event triggering, (2) 

auditing, (3) budgeting (including specifying no right 

of use... remotely by telecommunication mesin ). Required methods 

(methods listed as required for property and/or appliance use) 

- 123 

must be available as specified if VDE controlled content (such as 
intellectual property distributed within a VDE content container) 
is to be used. Methods that control content may apply to a 
plurality of VDE container objects, such as a class or other 
grouping present invention 

is that creators, distributors, and users of content can select from 
124 

among a set of predefined methods (if available) to control 

container content usage and distribution functions and/or they 

may have the right to provide new customized methods to control 

at least certain usage fiinctions (such "new" methods may be. ..location of a VDE 

arrangement, to accommodate new or modified 

control information, is performed in the VDE secure subsystem 

and under the control of secure management file updatin 

.9 

programs executed by the protected subsystem. Since all secure 
130 

communications are at least in part encrypted and the processing 

inside the or she will allow to be reported and/or a financial 

clearinghouse establishing certain criteria for use of its credit for 
payment for use of distributed content) can be confident that 
their contributed and accepted control information will be 
enforced (within the security limitations of a given VDE security 
implementation design). This control information shall constitute the resulting 

- 132 

control information set for a given piece of VDE 
managed content and/or VDE installation. 



Electronic Agreements and Rights Protection 

An important feature of VDE is that it can be used to 

assure the admini tration of, and adequacy of security and rights 

protection... to support the 

various underlying agreements between parties that comprise 
this extended agreement. These agreements can define 
important electronic commerce considerations including. 

(1) security, 

(2) content use control, including electronic distribution, 

(3) privacy (regarding, for example, information 
concerning parties described by medical, credit, tax. 

personal, and/or of other forms of confidential 
information), 

(4) management of with control information already in place 
and/or by negotiation between concurrently proposed content 
control information submitted by a plurality of parties. A given 
model may be asynchronously and progressively modified over 

time in accordance with existing senior rules... further example of a chain of handling 

and control involving several categories of VDE participants; 

FIGURE 85 shows a further example of a chain of 

distribution and handling within an organization; 

Figures 86 and 86A show a further example of a chain of 

handling and control; and 

Figure 87 shows an... many examples of transactions that can be supported by virtual 
distribution environment 100 include. 

C home banking and electronic payments; 
C electronic legal contracts; 

C distribution of 'content" such as electronic printed matter, 
video, audio, images and computer program ; and 
C secure communication of private information such as 
medical records and financial information. 

Virtual distribution environment 100 is "virtual" because it 
does not require many of the physical "things" that used to be 
necessary to protect rights, ensure reliable and predictable 
distribution, and ensure proper compensation to content creators 
and distributors. For example, in the past, information was 
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distributed on records or disks that were difficult to copy. In the 
past, private or secret content was distributed in sealed 
envelopes or locked briefcases delivered by courier. To ensure 
appropriate compensation, consumers received goods and 



services only after they handed cash over to a seller. Although 

information utility 200 may deliver information by transferring 

physical "things" such as electronic storage media, the virtual 

distribution environment 100 facilitates a completely electronic 

'chain of handling and control.' 

VDE Flexibility Supports Transactiom 

Information utility 200 fleidbly supports many different 

kinds of information. ..at least $2.00 

based on a credit account with independent financial 

provider 212 (such as Mastercard or VISA) may watch the 

video, 

(2) virtual distribution environment 100 will "meter" each 
time a consumer watches the video, and report usage to 
video production studio 204 from time to time, and 

(3 Figure 1 also shows a publishing house 214. Publishing 

house 214 may act as a distributor for an author 206. The 
publishing house 214 may distribute rights to use "content" (such 
as computer software, electronic newspapers, the video produced 
by pubhsbing house 214, audio, or any other data) to consumers 
such as office 210. The use rights may be defined by 'rules and 
controls' distributed by publishing house 216. Publishing house 
216 may distribute these "rules and controls" with the content, 
but this is not necessary. Because the content can be used only 

by consumers that have the appropriate and its associated 'rules and controls" may be 

distributed 

at different times, in different ways, by different VDE 
participants. The ability of VDE to securely distribute and 
enforce "rules and controls" separately from the content they 
apply to provides great advantages. 

Use rights distributed by publishing house 214 may, for 
example... Even though the electronic storage media 
themselves are not delivered electronically by information utility 
200 over lines 202, they are still part of the virtual distribution 
environment 100. The electronic storage media may be used to 
distribute content, "rules and controls," or other information. 

Example of What's Inside Information Utility 200 

"Information utility" 200 in Figure 1 can be a collection of to participants within 

information utility 200. A "report 

receiver" 200e may receive reports such as usage reports from 
content users. A "permissioning agent" 200f may distribute 
"rules and controls" granting usage or distribution permissions 
based on a proffle of a consumer's credit worthiness, for example. 

An admini trator 200h may provide information that keeps the 



virtual distribution environment 100 operating properly. A 
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content and message storage 2009 may store information for use 
by participants within or outside of information utility 200, 
Ez=ple of Distributing Content' Using A Chain of Handling 
and Control' 

As explained above, virtual distribution environment 100 
can be used to manage almost any sort of transaction. One type 
of important transaction that virtual distribution environment 
100 may be used to manage is the distribution or communication 
of "content' or other important information. Figure 2 more 
abstractly shows a 'moder of how the Figure 1 virtual 
distribution environment 100 may be used to provide a "chain of 
handling and contror for distributing content. Each of the blocks 
in Figure 2 may correspond to one or more of the VDE 
participants shown in Figure 1 . 

In the Figure 2 example, a VDE content creato 102 
creates 'content.' The content creator 102 may also specify 
"rules and controls' for distributng the content. These 
distribution-related "rules and controls" can specify who has 
permission to distribute the rights to use content, and how many 
users are allowed to use the content. 
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sending the 

Arrow 104 shows the content creator 1 
"rules and controls" associated with disk sent by a delivery 
service such as U. S. mail). The content can be distributed over 
the same or different path used to send the "rules and controls." 
The distributor 106 generates her own "rules and controls" that 
relate to usage of the content. The usage-related "rules and 
controls" may, for example, specify what a user can and can't do 

with the content and how much it they may be different people. For example, a 

mu ical performing group may act as both content creator 102 
and distributor 106 by creating and distributing its own musical 
recordings. As another example, a publishing house may act as a 
distributor 106 to distribute rights to use works created by an 
author content creator 102. Content creators 102 may use a 
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distributor 106 to efficiently manage the financial end of content 
distribution. 

The "financial clearinghouse' 116 shown in Figure 2 may 

also be a 'NrDIF, administrator.' Financial clearinghouse 1 16 in its 

VDE administrator role sends 'administrative' information. ..participants. 'Rules and 



controls' provide information and 
mechanisms that may establish interdependencies and 
relationships between the participants. 'Rules and controls" are 
flexible, and permit "virtual distribution environment" 100 to 
support most "traditional' business transactions. For example. 

C 'Rules and controls" may specify which financial 
clearinghouse(s) 116 may process payments, 
C just as 

retail stores "mark up' the wholesale price of goods. Figure 2A 
shows an example in which certain "rules and controls" persist 
unchanged from content creator 102 to content user 112; other 
'rules and controls' are modified or deleted by distributor 106; 
and still other "rules and controls" are added by the distributor. 

'Rules and controls' can be used to protect the content 
user's privacy by limiting the information that is reported to 
other VDE participants. As one example, 'rules and controls" 

can cause content usage information is revealed to allows the 

privacy rights of all VDE participants to be protected. 

Rules and Contents' Can Be Separately Delivered 
As mentioned above, virtual distribution environment 100 
"associates" content with corresponding "rules and controls," and 
prevents the content from being used or accessed unless a set of 
corresponding "rules and controls' is available. The distributor 
106 doesnlt need to deliver content to control the content's 
distribution. The preferred embodiment can securely protect 
content by protecting corresponding, usage enabling "rules and 
controls" against unauthorized distribution and use. 

In some examples, 'rules and controls" may travel with the 
content they apply to. Virtual distribution environment 100 also 
allows "rules and controls' to be delivered separately from 
content. Since no one can use or access protected content 

without "permission" from who lacks permission will not have her request satisfied 

(No 

Go'). As another example, each user request to turn to a new 
page of an electronic book may be satisfied ("Go'), but it may not 
be necessary to meter, bill or budget those requests. A user who 
has purchased a copy... the meter process. 

Billing process 406 determines how much to charge for 
events. It records and reports payment information. 

Budget process 408 limits how much content usage is 



permitted. For example, budget process 408 may limit the 
number of times content may be accessed or copied, or it may 
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limit container 302 is electronic rather than physical. 

Electronic container 302 in one example comprises "digital" 
information having a well defined structure. Container 302 and 
its contents can be called an 'object 300.' 
The Figure 5A example shows items "witbin" and enclosed 
by container 302. However, container 302 may "contain" items 
without... methods 1000. 
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Figure 5B gives some additional detail about permissions 
record 808, budgets 308 and other methods 1000. The 
'permissions record 808 specifies the rights associated with the 
object 300 such as, for example, who can open the container 302, 
who can use the object's contents, who can distribute the object, 
and what other control mechanisms must be active. For example, 
permissions record 808 may specify a usex's rights to use, 
distribute and... storage medium or device; 
a printer 622; 
broadcast reception 624; 
a document scanner 626; and 

a "cable' 628 connecting the appliance with a 'network." 
Virtual distribution environment 100 provides a 'jigbk 
operating =Bice 602 that manages appliance 600 and SPU 500 
by controlling their hardware resources. The operating system 
602 may...tjug system functions" 604 and "other operating 
system functions 606. The 'rights and auditing operating 
system functions' 604 securely handle tasks that relate to virtual 
distribution environment 100. SPU 500 provides or supports 
many of the security functions of the "rights and auditing 

operating system functions" 402. The "other operating system scalable." A 'scalable" 

operating system 602 means that there can be a standardized 
interface across many different appliances performing a wide 
variety of tasks. 

The 'rights operating system fimctions" 604 are "services 
based" in this example. For example, "rights operating system 
fimctions" 604 handle summary requests from application 608 
rather than... physically enclosed 

within a secure enclosure. However, since it may not be practical 
or cost-effective to physically secure secondary storage 652 in 
many implementations, secondary storage 652 may be used to 
store information in a secure manner by encrypting information 



before storing it in secondary storage 652. If information is. ..the preferred embodiment, 
microprocessor 520 normally 

handles the most security sensitive aspects of the operation of 
electronic appliance 600. For example, microprocessor 520 may 
- 196 

manage VDE decrypting, encrypting, certain content and/or 

appliance usage control information, keeping track of usage of 

VDE secured content, and other VDE usage control related... ROS') 602. 

Rights Operating System 602 

Rights Operating System ('ROS") 602 in the preferred 
embodiment is a compact, secure, event-driven, services-based, 
'component' oriented, distributed multiprocessing operating 
system environment that integrates VDE information security 
control information, components and protocols with traditional 
operating system concepts. IAke traditional operating systems, 
ROS 602... for 'low end' set tops are a few of many examples 
C can be integrated in traditional and real time operating 
systems 
DistributLd 

C provides distribution of control information and reciprocal 

control information and mechanisms 

C supports conditional execution of controlled processes 

within any VDE node in a distributed, asynchronous 

arrangement 

C controlled delegation of rights in a distributed environment 
C supports chains of handling and control 
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c management environment for distributed, occasionally 
connected but otherwise asynchronous networked database 

C real time and integrated into existing operating 

systems 

C can support applications not specifically written to use it 
Network friendly 

C internal OS structures may use RPCs to distribute 

processing 

C subnets may seamlessly operate as a single node or 
independently 

General Background Regarding Operating Systems 

An "operating system" provides a control mechanism for...RPC) internal processing 
request structure. 

Cooperating processors may request interprocess services using a 
227 

ndent and can be 

RPC mechanism, which is minimally time depe 



distributed over cooperating processors on a network of hosts. 
The multi-processor architecture provided by ROS 602 is easily 

extensible to support any number of host permits information and control structures to 

automatically, securely pass between sites as required to fiffill a 
user's requests. Communications between VDE nodes under the 
distributed processing features of ROS 602 may include 
interprocess service requests as discussed above. ROS 602 
supports conditional and/or state dependent execution of 

controlled processors accessible, or carried along by the 

process to support execution on a remote system. 

ROS 602 provides distribution of control information, 
including for example the distribution of control structures 
required to permit 'agents' to operate in remote environments. 

Thus, ROS 602 provides facilities for passing execution and/or 
information control as model. 

The ROS 602 distribution process (and the associated 
auditing of distributed information) is a controlled event that 
itself uses such control structures. This "reflective" distributed 
processing mechani m permits ROS 602 to securely distribute 
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rights and permissions in a controlled manner, and effectively 
restrict the characteristics of use of information content. The 
controlled delegation of rights in a distributed environment and 
the secure processing techniques used by ROS 602 to support this 
approach provide significant advantages locations in a 
controlled way. For example, a usage control associated with 
object content at a user's location may have a reciprocal control at 
a distributor's location that governs distribution of the usage 
control, auditing of the.. .VDE object 300. This application may 
reference structures provided by other parties. Such references 
, for example, take the form of a control path that uses 
content creator structures to meter user activities; and structures 
created/owned by a financial provider to handle financial parts of 
a content distribution transaction (e.g., defining a credit budget 
that must be present in a control structure to establish 
-253 

creditworthiness, audit processes which must be performed... same RPC interface is used 
by ROS 

602 in the preferred embodiment to request services within and 
outside of the operating system, a request for distributed and/or 
remote processing incurs substantially no additional operating 



Claims: 



...f) securely ensuring said consequences. 

926. A system for secure digital tran action managementwherein digital information is 
encrypted by a first party at a firstlocation and distributed, characterized by:a first 
protected processing environment for enabling thefirst party to securely associate at least 

a first control with saidinformation,a further protected processing environment for on 

the first and further controls. 

12 A method for secure digital transaction management 
wherein digital information is enciypted by a first party at a firstlocation and 
distributed, characterized by the following steps:enabling the first party to securely 
associate at least afirst control with said information,enabling a further party to... 
...consequence at least in part on thetransmitted controls. 927. A method for securely 
automating distributedelectronic processes including:a) providing secure, interoperable, 
general purposerights management processing means to multiple,parties;b) establishing 
secure process management controls forautomatically, at least partially remotely, 

andsecurely supporting requirements related toelectronic events electronic processes 

at saidparty sites to enforce interests related to saidelectronic content. 
14 A system for securely automating distributed 

electronic processes including:interoperable rights management processing 
meandisposed at multiple parties' sites;control establishing mean for establishing secure 
processmanagement controls; for remotely, automatically, and securelysupporting 
requirements related to...defming protected processing environments, andproviding, with 
a secure database server, information forprocessing by the network workstation protected 
processingenvironments. 

29 A distributed electronic rights management system 

comprising plural nodes having protected processingenvironments, characterized in that 
at least one of the pluralnodes provides a protected processing environment that 

performs function for a client comprising at least a portion of theprotected processing 

environment of at least one other node. 

30 In a distributed electronic rights management system 

comprising plural nodes having protected processingenvironments, a method 
characterized by providing, with at leastone of the plural nodes, a protected processing 
environment... the electronic certificateauthenticates the user class characteristic reflected 
by the token ;andmeans for using the certified, authenticated token as abasis for granting 
rights. 

42 A system for securely managing a distributed 

electronic commerce environment including: means for identifying an electronic 
commerce participantby specifying at least one user category;means for authenticating 
such user... request and associateduser identity; andmeans for issuing an electronic 
certificate specifying atleast one user class characteristic. 945. A method or system of 
managing rights characterizedin that a cryptographically signed token is used to 
certifymembership in a class, the token is authenticated, and the classmembership 
represented by the token is used as a basis forgranting and/or withholding rights and/or 
permissions. 

53 A method or system of managing rights characterized 



in that a cryptographically signed token is used to certifymembership in a class, the status 

of such token is ascertained,and the class by the token is used as abasis for allowing a 

user presenting the token to create electronicrules. 

54 A method or system of managing rights characterized 

in that a cryptographically signed token is used to certifymembership in a class, the token 
is validated, and the classmembership represented by... currency within a 
softwarecontainer, and950means for delivering the software container as payment 
forgoods or services. 

61 A method or system for managing rights within an 

organization characterized in that electronic containers aredistributed within the 
organization, the electronic containershaving controls associated therewith, the controls 
enforcing, atleast in part, an organizational hierarchy relating to the use ofthe containers 
and/or the contents thereof. 

62 A method of organizational rights management 

characterized by the steps ofdistributing an electronic container within an 
organizationandrestricting usage, access and/or further distribution of theelectronic 
container or the contents thereof within or outside ofthe organization based on electronic 
controls associated with theelectronic container. 

63 A system for organizational rights management 

characterized by:means for distributing an electronic container andmeans for restricting 
usage, access and/or furtherdistribution of the electronic container or the contents 
thereof951 within or outside of the organization based on electronic controlsassociated 
with the electronic container. 

64 A method of organizational rights management 

characterized by the steps ofdistributing electronic containers within an 
organization,andusing the electronic containers, at least in part, toadmini ter content 
usage by persons within the organization. 

65 A system for organizational rights management 

characterized by:means for distributing electronic containers within anorganization, 
andmeans for using the electronic containers, at least in part,to administer content usage 
by persons within the organization. 

66 A method of organizational rights management 
characterized by the steps ofdistributing electronic containers within an 
organization,andusing the electronic containers, at least in part, toadminister use of 
money within the organization. 

67 A system for organizational rights management 

characterized by electronic containers distributed within an952organization for, at least in 
part, administering use of money within the organization. 

68 A method of organizational rights management 

characterized by the steps ofdistributing protected processing environments within 
anorganization, andusing the environments to, at least in part, to administercontent usage 
by persons within the organization. 

69 A system for organizational rights management 

characterized by protected processing environments distributedwithin an organization, 
for, at least in part, admini teringcontent usage within the organization. 

70 A method of organizational rights management 



characterized by the steps of:distributing protected processing environments within 
anorganization, andusing the processing environments to, at least in part, toadmini ter use 
of money by persons within the organization.7 1. A system for organizational rights 
managementcharacterized by plural protected processing environments953distributed 
within an organization for, at least in part,achnini tering use of money within the 
organization. 

72 A rights management appliance including: 

a user input device,a user ...defining a protected processingenvironment,characterized in 
that the protected processing environmentstores and uses permissions, methods, keys, 
program and/orother information to electronically manage rights. 

73 In a rights management appliance including: 

a user input device,a user display device,at least one processor, andat least one element 
defining a protected processingenvironment,a method of operating the appliance 
characterized by thestep of storing and using permissions, methods, keys, programsand/or 
other information to electronically manage rights. 

74 A rights management appliance including at least one 

processor element at least in part defining a protected processing954environment, 
characterized in that the protected processingenvironment stores and uses permissions, 
methods, keys,program and/or other information to electronically managerights. 

75 In a rights management appliance including at least 

one processor element at least in part defining a protectedprocessing environment, a 
method comprising storing and usingpermissions, methods, keys, program and/or other 
informationto electronically manage rights. 

76 A method of electronically storing information in a 

repository and distributing it on request, characterized in thatthe information is protected 

by associating electronic at least one cryptographic key, andat least one orgam ational 

structure relating the key to theproperty and/or attribute. 

82 A distributed electronic rights management system 

comprising plural nodes having protected processingenvironments, characterized in that 
each node can perform selfadmini tering processes in response to electronic components. 

83 A... the electronic transaction at the first location based at 
least in part on receipt of the signal from the second location. 

93 A distributed electronic rights management system 

comprising plural nodes having protected processingenvironments, characterized in that 
each node can performelectronic processes in response to receipt and assembly 
ofelectronic components, and the node authenticates each of theelectronic components 
before assembling them. 

94 A distributed electronic rights management method 

comprising:performing, with at least one protected processingenvironment, electronic 
processes in response to receipt andassembly of electronic components, 

andauthenticating, within the method as in claim 94 wherein the authenticating step 

includes the step of obtaining a corresponding certificatefrom a certifying authority.961. 
A distributed electronic rights management systemcomprising plural nodes having 
protected processingenvironments, characterized in that each node can performelectronic 
processes in response to receipt and assembly ofelectronic components, and the node 
authenticates each of theelectronic components by obtaining a corresponding 



certificatefrom a certifying authority. 

97 In a distributed electronic rights management system 

comprising plural nodes having protected processingenvironments, a certifying authority 
that issues certificatesallowing each node to authenticate electronic components 
beforeassembling them to perform and/or control electronic rightsmanagement 

processes. 

98 In a distributed electronic rights management system 

comprising plural nodes each having a protected processingenvironment, a method 
characterized by the step of issuingcertTicates allowing each node to authenticate 
electroniccomponents before assembling them to perform and/or controlelectronic rights 
management processes. 

99 A distributed electronic rights management system 

comprising plural nodes having protected processingenvironments, characterized in that 

said nodes enforce usage962and/or access controls and is capable of electronically i 

Compensation from a user and/or other processing of usageinformation for subsequent 
tran fer to rights holders. 100. In a distributed electronic rights management 
systemcomprising plural nodes having a protected processingenvironment, a method 
characterized by the step of enforcingusage and/or access controls and electronically 
obtainingcompensation from a user and/or other processing of usageinformation for 
subsequent transfer to rights holders. 101. A distributed electronic rights management 
systemcomprising plural nodes each having a protected processingenvironment, 
characterized in that each node enforces usageand/or access controls based on receipt of 
information frommultiple other nodes. 102. A distributed electronic rights management 
methodcharacterized by the step of enforcing, with a protectedprocessing environment, 
usage and/or access controls based onreceipt of information from multiple other 
nodes. 103. A distributed electronic rights management systemcomprising plural nodes 
having protected processingenvironments, characterized in that said nodes are capable of 

at9631east temporarily extending electronic credit to an characterized by the step of at 

least temporarily extendingelectronic credit to an associated user for use in 
compensatingrights holders. 105. A distributed electronic rights management 
systemcomprising plural nodes each having a protected processingenvironment, 
characterized in that said nodes are capable ofrequesting and obtaining a user-specific 
electronic creditassurance from a clearinghouse before granting the user rights toaccess 
and/or use electronically protected information. 106. In a distributed electronic rights 
management systemcomprising plural nodes each having a protected 
processingenvironment, a method characterized by the step of requestingand obtaining a 
user-speciRc electronic credit assurance from aclearinghouse before granting the user 
rights to access and/or useelectronically protected information. 964. A distributed 
electronic rights management systemcomprising plural nodes each having a protected 
processingenvironment, characterized in that each node is capable ofperforming and/or 
requesting an electronic debit or credittransaction as a condition to granting the user 
rights to accessand/or use electronically protected information. 108. In a distributed 
electronic rights management systemcomprising plural nodes each having a protected 
processingenvironment, a method characterized by the step of performingand/or 
requesting an electronic debit or credit transaction as acondition to granting the user 
rights to access and/or useelectronically protected information. 109. A distributed 



electronic rights management systemcomprising plural nodes each having a protected 
processingenvironment, characterized in that each node can maintain anaudit trail of user 
activities for reporting to a centralized location,the centralized location analyzing the user 
activities based on theaudit trail. 110. In a distributed electronic rights management 
systemcomprising plural nodes each having a protected processingenvironment, a method 
characterized by the steps of.965maintainin , a plural locations, audit trails of... 
...activities for reporting to a centralized location, andanalyzing, at the centralized 
location, the user activitiesbased on the audit trail. 111. A distributed electronic rights 
management systemcomprising plural nodes having protected processingenvironments, 
characterized in that said node can monitor useractivities and trigger the occurrence of 

unrelated events based secure container. 1 14. A system as in claim 111 wherein the 

unrelated eventis use of the protected processing environment. 1 15. In a distributed 
electronic rights management systemcomprising plural nodes having protected 
processingenvironments, a method characterized by the step of monitoring ...activation of 
an application program,use of a secure container, anduse of the protected processing 
environment. 117. A method of compromising a distributed electronicrights 
management system comprising plural nodes havingprotected processing environments, 
characterized by thefollowing steps:exposing a certification private key to allow a person 

topass a and/or (b) exposing externalcommunication keys,creating a processing 

environment based at least in part onthe above-mentioned steps, andparticipating in 
distributed rights management using theprocessing environment.967. A processing 
environment for compromising adistributed electronic rights management system 
comprisingplural nodes having protected processing environments,characterized by the 
following:means including an exposed certification private key topass a 

challenge/response protocol for defeating at least one of (a) an 

initializationchallenge/response security, and/or (b) exposing externalcommunication 
keys, andmeans for participating in distributed rights management. 1 19. A method of 
compromising a distributed electronicrights management system comprising plural 
nodes havingprotected processing environments, characterized by the step 
ofcompromising the permissions record of an electronic containerand using the 
compromised permissions record to access and/oruse electronic information. 120. A 
system for compromising a distributed electronicrights management system comprising 
plural nodes havingprotected processing environments, characterized by mean forusing a 
compromised permissions record of an electroniccontainer for accessing and/or... 
...compromised system- wide key to decrypt and compromisecontent and/or admini trative 
information of a protectedprocessing environment without authorization. 123. A 
distributed electronic rights management systemcomprising plural nodes having 
protected process'environments, characterized in that said nodes can 
electronicallyfingerprint content before releasing it in unprotected form. 124. In a 
distributed electronic rights management systemcomprising plural nodes having 
protected processingenvironments, a method characterized by performing, in at leastone 
of the nodes, the step of electronically fingerprinting contentbefore releasing it in 
unprotected form. 125. A distributed electronic rights management systemcomprising 
plural nodes having protected processingenvironments, characterized in that said nodes 
can embed,969within the electronic content, an electronic fingerprint contspecified... 
...identif@ing a content rights holder and/oran indication of origin before including the 



content in anelectronic container or allowing access to such content. 126. In a distributed 
electronic rights management systemcomprising plural nodes having protected 
processingenvironments, a ...information identifying a contentrights holder and/or an 
indication of origin before including thecontent in an electronic container or allowing 
access to suchcontent.127. A distributed electronic rights management 
systemcomprising plural nodes having protected processingenvironments, characterized 
in that the system includes one ormore usage clearinghouses that receive usage 
information fromone or more of the plural nodes. 128. In a distributed electronic rights 
management systemcomprising plural nodes having protected processingenvironments, 
a method characterized by the step of receiving,with a usage clearinghouse, usage 
information from one or moreof said plural nodes. 970. A distributed electronic rights 
management systemcomprising plural nodes having protected processingenvironments, 
characterized in that the system includes one ormore financial clearinghouses that receive 
financial informationrelating to the use of or access to content from one or more 
ofnodes.130. In a distributed electronic rights management systemcomprising plural 
nodes having protected processingenvironments, a method characterized by the step of 
receiving,with one or more financial clearinghouses, financial informationfrom one or 
more of the plural nodes. 131. A distributed electronic rights management 
systemcomprising plural nodes having protected processingenvironments, characterized 
in that the system includes one ormore analysis clearinghouses that receive information 
from oneor more of the plural nodes and analyzes the receivedinformation.132. In a 
distributed electronic rights management systemcomprising plural nodes having 
protected processingenvironments, a method characterized by the step of receiving, with 

one or more analysis clearinghouses, information from one nodes having protected 

processingenvironments. 134. A method of providing credit for interaction withcontent to 
a protected processing environment node. 135. A distributed electronic rights 
management systemcomprising plural nodes having protected processingenvironments, 
characterized in that the system includes one ormore clearinghouses that tran mits rights 
and/or permissioinformation to one or more of the plural nodes. 136. In a distributed 
electronic rights management systemcomprising plural nodes having protected 
processingenvironments, a method characterized by the step of transmittingrights and/or 
permissioning information from a clearinghouse toone or more of the plural nodes 972. A 
distributed electronic rights management systemcomprising plural nodes having 
protected processingenvironments, characterized in that the system includes one ormore 
clearinghouses that periodically transmit cryptographicmaterial to one or more of said 
nodes, the cryptographic materialrenewing and/or replacing expiring cryptographic 
material. 138. In a distributed electronic rights management systemcomprising plural 
nodes having protected processingenvironments, a method characterized by the step of 
periodicallytran mitting cryptographic material from one or moreclearinghouses...A 
secure electronic container, characterized in thatthe container contains electronic controls 
for controlling, at leastin part, the use of and/or access to distributed electronic 
content. 142. A method comprising:accessing electronic controls within a secure 
electroniccontainer; andusing the controls for controlling, at least in part, the use ofand/or 
access to distributed electronic content. 143. A secure electronic container characterized 
in thatthe container contains electronic controls that cause electroniccontent to expire on 
a time-dependent basis. 144 for maintaining abitmap meter data structure including 



data partitions thatsubdivide the metering information by time and/or subjectmatter.147. 
A distributed electronic rights management systemcomprising plural nodes having 
protected processingenvironments, characterized in that the system permits at leastsome 
of the nodes to securely describe permitted uses ofelectronic content and securely 
enforces said description. 148. In a distributed electronic rights management 
systemcomprising plural nodes having protected processingenvironments, a method 
characterized by the steps of permittingat least some of the nodes to securely 
describe... information, database means operatively connected tosaid protected processing 
environment for, at least in part,storing multimedia usage control information, and 
protectedtraveling objects containing distributed multimedia electroniccontent.189. In 
an electronic multimedia arrangement containinga protected processing environment, a 
method characterized bythe steps of storing multimedia usage control information 
withina database mean operatively connected to said protectedprocessing environment, 
and controlling, based at least in part onthe stored information, protected traveling objects 
containingdistributed multimedia electronic content. 989. An electronic multimedia 
arrangement cont 6 ointeroperable protected processing environments for controllingthe 
use of multimedia, said arrangement including component,modular, protected 
multimedia... one of the real time clocks. 199. A method of distributing information 
characterized bythe steps of compressing information, encrypting the 
compressedinformation at the first location, distributing the encryptedinformation to 
one or more second locations, using a tamperresistant integrated circuit to first decrypt 
and then decompressthe information.200. A system for distributing information 
characterizedby:means for compressing information,means for encrypting the 
compressed information at thefirst location,means for distributing the encrypted 
information to one ormore second locations, andmeans for using a tamper resistant 
integrated circuit tofirst decrypt and then decompress the. ..agent for said first party.217. 
A method of governing taxation of commercial eventsresulting from electronic chain of 
handling and controlcharacterized by a first step of distributing secure 
digitalinformation to a user and specifying secure control informationcontrolling at least 
one condition for use of said digitalinformation and a second. ..storing, within the secure 
databases, atleast a portion of such control instructions for use by said at leastone secure 
processing unit.233. A content distribution system comprising pluralelectronic 
appliances containin one or more interoperable secureprocessing units operatively 

connected to one or more databasesfor use with at least foruse in deciypting 

distributed, encrypted digital information, and(b) encrypted audit information, said audit 
information reflectingat least one aspect of use of said distributed digital 
information234. A content distribution method comprising: distributing plural 
electronic appliances containing one ormore interoperable secure processing 
unitsoperatively connecting the appliances to one or moredatabases,storing within said 
one or... with the search results for establishing at least one conditionrelated to the use of 
at least one portion of said search results. 253. A rights management system comprising 
protectedinformation, at least two protected processing arrangements, anda rights 
management language that allows the expression ofpermitted operations and the 
consequences of performing suchoperations on at least a portion of the information 
processed atleast in part by at least one of the protected processingarrangements.1014. A 
rights management method comprising:providing protected information for processing 



by at leasttwo protected processing arrangements, andexpressing, in a rights 
management language, permittedoperations and the consequences of performing such 
operationson at least a portion of the information processed at least in partby at... 
...protected processing arrangements .255. A method of protecting digital 
informationcharacterized by the steps of encrypting at least a portion of theinformation, 
using a rights management language to describe theconditions related to use of the 
information, distributing at leasta portion of such information and at least a portion of... 
...such information.256. A system for protecting digital informationcharacterized 
by:mean for encrypting at least a portion of the information,mean for using a rights 
management language to describethe conditions ...including at least oneprotected 
processing arrangement for securely governing at leasta portion of the use of such 
information.257. A distributed digital information management systemcomprising 
software components, a rights management languagefor expressing processing 
relationships between two or more ofthe software components, protected processing 
means for at leasta portion of the software components and at least a portion of therights 
management expressions, means for protecting content,means for creating software 
objects that relate protected contentto rights management expressions, and means for 
deliveringprotected content, rights management expressions, and suchsoftware objects 
from a providing location to a user's location. 258. A distributed digital information 
managementmethod comprising:expressing, in a rights management language, 
processingrelationships between two or more of the software components,processing, 
within at least one protected environment, atleast a portion of the software components 
and at least a portionof the rights management expres 
sions, 

1016protecting content,creating software objects that relate protected content torights 
management expressions, anddelivering protected content, rights 
managementexpressions, and such software objects from a providing locationto a user's 
location. 259. An authentication system comprising at least twoelectronic appliances, 
at.. .or 290 wheresome or all of such accounting and/or other admini trativeinformation is 
included in such control information. 1033. A method of distributing content 
characterized by thesteps of creating one or more first secure containers, 
associatingcontrol information with such first containers includinginformation describing 

the conditions under with such one ormore second secure containers based at least in 

part on controlinformation associated with such first containers. 295. A system for 
distributing content characterized byrmeans for creating one or more first secure 
containers,means for associating control information with such firstcontainers including 
information describing the conditions.. .with such one ormore second secure containers 
based at least in part on controlinformation associated with such first containers. 296. A 
method of distributing content characterized by thesteps of creating one or more first 
secure containers, associatingcontrol information with such first secure containers 

includinginformation describing the conditions new control information at least inpart 

as a consequence of such one or more embedding and/orsecure association 
operations. 297. A system for distributing content characterized bymeans for creating 
one or more first secure containers,means for associating control information with such 
firstsecure containers including information describing the... seniority of control 
information system; and/orsecure distribution and enforcement of rules and 



controlsseparately from the content they apply to; and/orredistribution management by 
controlling the rights and/ornumber of copies and or pieces etc. that may be 
redistributed;and/oran electronic commerce taxation system; and/oran electronic 

shopping oran electronic catalog system; and/orl067a system handling electronic 

banking, electronic shopping,and electronic content usage management; and/oran 
electronic commerce multimedia system; and/ora distributed, secure, electronic point of 
sale system; and/oradvertising; and/orelectronics rights management; and/ora 
distributed electronic commerce system; and/ora distributed transaction system or 
environment; and/ora distributed event management system; and/ora.. .and associated 
control information,(b) a second secure container containing further at least in 
partprotected digital information and associated control information,W means to 
distribute said first and second containers to users,(d) communication means for 
communicating information at leastin part derived from user usage of said first container 
digitalinformation. . . 
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